understanding-saleor-domain
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill requests restricted access to Bash via pnpm, git, and ls command prefixes. These are consistent with the skill's purpose for managing a configuration-as-code repository in a development environment.
- DATA_EXFILTRATION (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. All examples utilize dummy data and placeholder values for addresses, pricing, and settings.
- PROMPT_INJECTION (SAFE): Analysis of indirect injection surface: 1. Ingestion points: local YAML configuration files. 2. Boundary markers: Absent, but mitigated by structured data format. 3. Capability inventory: restricted Bash tools. 4. Sanitization: Snippets provide Zod schema validation for identification fields. No attempts to override agent behavior or safety filters were identified.
- EXTERNAL_DOWNLOADS (SAFE): No remote scripts or unverified dependencies are executed or requested for download.
Audit Metadata