headless-checkout-proxy
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill identifies and mitigates security risks associated with headless checkout implementations. It mandates that all sensitive operations (cart management, order placement) be proxied through a BFF to prevent exposing the VTEX Checkout API directly to the frontend.
- [SAFE]: Implements secure session management by requiring the
orderFormIdand sensitive VTEX cookies (likeCheckoutOrderFormOwnership) to be stored in a server-side session rather than insecure client-side storage likelocalStorage. - [SAFE]: Demonstrates robust security practices by providing code examples for server-side input validation (
validateAddItemInput) and data sanitization (sanitizeOrderForm) before forwarding requests to external APIs. - [SAFE]: Follows best practices for secret management by using environment variables (
process.env.VTEX_APP_KEY,process.env.VTEX_APP_TOKEN) instead of hardcoding credentials in the instructions or code snippets. - [SAFE]: Addresses indirect prompt injection risks (Category 8 surface) by requiring strict validation of external data entering the BFF layer.
- Ingestion points: User-provided request bodies in BFF route handlers (SKILL.md).
- Boundary markers: Not explicitly defined for the LLM context, but instructions mandate developer-implemented validation.
- Capability inventory: Network operations via
fetchare restricted to the official VTEX Checkout API endpoints. - Sanitization: Code snippets provide explicit implementation of validation logic to filter and escape external content.
Audit Metadata