The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the official aio CLI and npx @adobe/aio-commerce-lib-app to initialize and build the application. These tools are provided by the vendor (Adobe) for the intended development environment.
[DATA_EXPOSURE]: The skill manages application secrets by generating an encryption key in the .env file and enforcing that password-type configuration fields must have an empty default value (""). This prevents developers from accidentally hardcoding secrets into the source code configuration.
[EXTERNAL_DOWNLOADS]: The skill requires standard Node.js packages from the @adobe namespace (@adobe/aio-commerce-lib-app, @adobe/aio-commerce-lib-config). As these originate from the trusted vendor of the platform, they are considered safe dependencies.
[DATA_EXPOSURE]: It references the storage of AIO_COMMERCE_CONFIG_ENCRYPTION_KEY in the local .env file for runtime decryption of configuration values. This is a standard practice for local development environments in the Adobe App Builder ecosystem.
[PROMPT_INJECTION]: The skill includes technical validation rules for various data types (email, URL, tel, boolean) to ensure that merchant-provided configuration data matches expected formats before the application is built.

commerce-app-business-config