frappe-app-development
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides templates and instructions for creating Frappe applications. The provided code patterns emphasize security by including explicit permission checks (
frappe.has_permission), input validation, and secure database interactions via the Frappe Query Builder (frappe.qb), which prevents SQL injection. - [EXTERNAL_DOWNLOADS]: The skill includes an example integration connector in
assets/mini-app-template/your_app/integrations/sample_connector.pythat uses therequestslibrary to fetch data fromhttps://example.com/status. This is a standard implementation for external integrations using a well-known domain for demonstration purposes. - [COMMAND_EXECUTION]: The skill instructs the user to use standard Frappe CLI commands (
bench new-app,bench install-app) for local development and application management. These are documented framework utilities and do not pose a security risk in this context.
Audit Metadata