Skills
skills/openaec-foundation/erpnext_anthropic_claude_development_skill_package/frappe-core-files/Gen Agent Trust Hub

frappe-core-files

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill focuses on providing educational content and secure implementation patterns for the Frappe framework.
  • [CREDENTIALS_UNSAFE]: The documentation uses illustrative placeholders for sensitive configuration fields, such as S3_ACCESS_KEY, S3_SECRET_KEY, and API tokens (api_key:api_secret). No actual secrets or credentials are hardcoded.
  • [COMMAND_EXECUTION]: Code snippets use standard framework APIs (frappe.get_file, save_file, delete_doc) for file operations. No dangerous or arbitrary command execution patterns were found.
  • [EXTERNAL_DOWNLOADS]: The save_url method is documented as a built-in framework utility for fetching remote assets. The examples provided use generic, non-suspicious URLs (e.g., example.com).
  • [DATA_EXFILTRATION]: No patterns of sensitive data exfiltration were detected. The skill specifically highlights the importance of using is_private=1 to protect sensitive documents from public access.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 11:52 AM