WooCommerce Automation
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from an external WooCommerce environment which could contain malicious instructions.
  - Ingestion points: Data retrieved from the WooCommerce store via the `woo_orders`, `woo_products`, and `woo_customers` tools is used in automated workflows.
  - Boundary markers: The provided templates (e.g., `product_template`, `email_automation`) do not explicitly define boundary markers or 'ignore' instructions for interpolated external data.
  - Capability inventory: The skill has the capability to update store data, send emails to customers, and manage coupons via the `ecommerce-mcp` tools.
  - Sanitization: There is no evidence of data sanitization or validation logic within the provided workflow configurations to prevent the execution of instructions embedded in field values like product names or customer notes.
Audit Metadata