frappe-impl-serverscripts

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is purely documentation and instructional material for the Frappe framework. It does not contain any executable scripts or malicious patterns.
  • [SAFE]: The skill provides defensive guidance by explicitly warning against security risks such as SQL injection, missing permission checks, and unsafe input handling in the 'references/anti-patterns.md' file.
  • [SAFE]: Code examples consistently demonstrate best practices, such as using parameterized queries (%(var)s) or frappe.db.escape() to mitigate SQL injection vulnerabilities.
  • [SAFE]: Permission checks (frappe.has_permission) are included in API and query examples to ensure that data access is appropriately restricted based on user roles.
  • [SAFE]: The skill correctly documents the limitations of the RestrictedPython sandbox used by the Frappe framework, which prevents unsafe operations like arbitrary imports or direct file system access.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 11:52 AM