vtex-io-app-settings
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as an educational resource and set of best practices for developers. It does not contain executable code or malicious instructions.
- [SAFE]: It explicitly promotes data security by instructing developers to avoid hardcoding secrets (API keys, tokens) and advising on how to properly handle sensitive configuration.
- [SAFE]: It defines clear security boundaries, warning against exposing backend secrets to frontend responses or logs.
- [SAFE]: It provides guidance on the principle of least privilege by discouraging the use of broad workspace-level policies and advocating for narrow, well-defined permissions.
- [SAFE]: It encourages robust configuration validation through the use of explicit JSON schemas to ensure data integrity and prevent errors.
Audit Metadata