Skills
skills/kehwar/skills/frappe-app-include-js/Gen Agent Trust Hub

frappe-app-include-js

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill documents standard practices for Frappe framework development, including registering assets in hooks.py and using the frappe.provide and $.extend patterns for namespacing. No malicious patterns or security vulnerabilities were identified in the provided templates.
  • [DATA_EXFILTRATION]: While the skill uses frappe.call and frappe.realtime for network communication, these are standard framework mechanisms for interacting with the application server. The skill correctly encourages wrapping these calls in named functions to centralize interaction with whitelisted backend methods.
  • [REMOTE_CODE_EXECUTION]: No patterns for remote code execution or unauthorized package installations were detected. The skill focuses entirely on client-side JavaScript structure and standard asset pipeline configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 08:40 PM
Security Audit — agent-trust-hub — frappe-app-include-js