vtex-io-application-performance
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill includes comprehensive defensive guidelines for multi-tenant environments. It explicitly warns that in-process caches must be partitioned by account and workspace to prevent data leakage between different tenants sharing the same execution environment.
- [SAFE]: Provides clear instructions on handling sensitive data, specifically advising against caching PII, tokens, or authorization-sensitive information in global state and recommending redaction in application logs.
- [SAFE]: Establishes hard constraints for data integrity in financial paths, requiring that storage operations (VBase writes) are awaited to prevent race conditions or silent failures that could lead to duplicate transactions.
- [SAFE]: Incorporates performance and resilience patterns such as parallel I/O and explicit timeouts for outbound calls, which are standard best practices for stable backend services.
Audit Metadata