saleor-storefront
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests cloning the official Saleor core repository from GitHub for the purpose of investigating API behavior. This repository is a vendor-owned resource.
- [COMMAND_EXECUTION]: The guidelines include standard development commands, such as
git cloneandgrep, to assist agents in searching for logic within the source code or investigating API resolvers. - [PROMPT_INJECTION]: The skill patterns involve processing external data from the Saleor GraphQL API, creating an indirect prompt injection surface. Content within API fields like product descriptions or metadata could contain instructions intended to influence the agent's behavior.
- Ingestion points: Saleor GraphQL API response fields, including
product.description,category.name, and attribute values. - Boundary markers: No specific boundary markers or 'ignore' instructions are provided to delimit external content from system instructions.
- Capability inventory: Network interaction via GraphQL queries; local command execution for source code investigation.
- Sanitization: The instructions do not specify validation or sanitization requirements for content retrieved from the API.
Audit Metadata