commerce-app-webhooks
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run
aio app buildusing the Adobe I/O CLI. This is a standard development command used to validate the application's configuration and build the project. - [EXTERNAL_DOWNLOADS]: The skill references official Adobe Node.js packages including
@adobe/aio-commerce-lib-appand@adobe/aio-commerce-lib-webhooks. These are trusted vendor resources provided by Adobe for commerce application development. - [INDIRECT_PROMPT_INJECTION]: The skill creates a surface for processing external data from Adobe Commerce operations within generated action handlers.
- Ingestion points: The
paramsobject insrc/commerce-extensibility-1/actions/validate-product/index.tsreceives data from intercepted Commerce operations. - Boundary markers: No explicit boundary markers or 'ignore' instructions are included in the generated handler code.
- Capability inventory: The skill manages configuration files and provides a template for logic execution within Adobe Runtime actions.
- Sanitization: The skill provides validation rules for configuration identifiers but does not explicitly instruct the agent to sanitize input data within the action handler logic.
Audit Metadata