vtex-io-app-settings
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill contains comprehensive instructions to prevent accidental data exposure. It specifically warns against leaking secrets in HTTP/GraphQL responses, HTML, logs, or frontend properties. It also recommends using the explicit access controls for settings schemas.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or sensitive tokens were found. The skill includes examples of how to securely handle API keys using JSON schema formats like password for masking and backend-side retrieval using official platform clients.
- [EXTERNAL_DOWNLOADS]: The skill does not download any external scripts or packages. External references point to the official vendor documentation for VTEX developers.
- [REMOTE_CODE_EXECUTION]: No patterns associated with remote code execution or dynamic code evaluation were detected.
- [COMMAND_EXECUTION]: There are no instructions or scripts that execute shell commands or system-level operations.
Audit Metadata