headless-checkout-proxy
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation and code examples demonstrate performing network requests to VTEX API endpoints (e.g.,
vtexcommercestable.com.br). These requests are necessary for the skill's primary function of managing shopping carts and processing orders via a well-known e-commerce service. - [DATA_EXFILTRATION]: The skill handles sensitive customer data, including profile information and payment details. It implements security-first patterns by mandating that these operations occur within a server-side BFF layer, enforcing input validation, and requiring response sanitization to prevent accidental exposure of internal session data to the client.
Audit Metadata