woocommerce

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Flagged: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the system binaries curl and jq to perform store management operations.
    • Evidence: Multiple bash blocks in SKILL.md demonstrate the use of curl for GET, POST, and PUT requests to interact with WooCommerce endpoints.
  • [PROMPT_INJECTION]: The skill ingests data from external API responses, which constitutes an indirect prompt injection surface.
    • Ingestion points: API responses from the WooCommerce store (e.g., product lists, order details) enter the agent's context.
    • Boundary markers: None. The skill does not use specific delimiters or instructions to notify the agent that the fetched data should be treated as untrusted content.
    • Capability inventory: The skill can read and modify products, orders, and customer data using the provided API credentials.
    • Sanitization: While jq is used to filter and structure the JSON output, the actual text content (e.g., product descriptions) is not sanitized or escaped, so potentially malicious instructions embedded in store data can be processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 05:14 AM