frappe-core-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_EXECUTION]: The skill documents the use of frappe.safe_eval() for evaluating transition conditions and state update values. This is a standard architectural feature of the Frappe framework designed for safe execution of Python expressions within a sandboxed environment.
- [PRIVILEGE_ESCALATION]: Includes a code example for testing workflow permissions that utilizes frappe.set_user("Administrator"). This is a routine method used in Frappe's unit testing framework to simulate different user roles and verify access control logic.
- [INDIRECT_PROMPT_INJECTION]: The workflow engine processes expressions from document fields and transitions. Evidence chain:
  (1) Ingestion points: transition conditions and state update values stored in the Workflow DocType;
  (2) Boundary markers: expressions are evaluated in the context of individual documents;
  (3) Capability inventory: limited API access restricted to frappe.db, frappe.utils, and document field data;
  (4) Sanitization: enforced by the frappe.safe_eval sandboxed environment, which restricts access to unsafe Python built-ins.
Audit Metadata