frappe-doctype-development

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes instructions for running standard Frappe CLI commands such as bench --site <site> console and bench --site <site> migrate to verify the environment and apply database schema changes.
  • [EXTERNAL_DOWNLOADS]: Reference files include example code using the requests library to fetch data from placeholder external APIs (e.g., https://api.example.com/products). This is a legitimate implementation pattern for Virtual DocTypes defined in the framework.
  • [SAFE]: The skill focuses on providing technical guidance for DocType creation, lifecycle hooks, and permission management. It follows security best practices by illustrating how to retrieve credentials from the framework's settings rather than hardcoding them.
  • [DATA_EXFILTRATION]: No malicious data exfiltration patterns were detected. Network operations mentioned in the reference materials are restricted to well-known placeholder domains used for educational examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 08:06 AM
Security Audit — agent-trust-hub — frappe-doctype-development