Skills
skills/adobe/aio-commerce-sdk/commerce-app-init/Gen Agent Trust Hub

commerce-app-init

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute official Adobe CLI commands such as 'aio app build' and 'npx @adobe/aio-commerce-lib-app init' to initialize and verify the project structure. These are standard procedures for Adobe App Builder development.
  • [EXTERNAL_DOWNLOADS]: The skill fetches necessary scaffolding tools and dependencies from Adobe's official NPM registry and GitHub repositories ('adobe/skills'). All external resources are provided by the trusted vendor.
  • [SAFE]: The skill defines a configuration generation process ('app.commerce.config.ts') that ingests user-provided metadata. It implements security best practices by specifying validation constraints for input fields such as 'id' (alphanumeric and hyphens only) and 'version' (strict semver), minimizing the risk of indirect injection or project corruption.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 11:18 AM
Security Audit — agent-trust-hub — commerce-app-init