frappe-reports

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation and code examples for Frappe development. All code samples follow standard framework best practices.
  • [DATA_EXPOSURE]: The skill discusses data reporting but does not hardcode credentials or access sensitive system paths (e.g., .ssh, .aws). It focuses on application-level DocType data.
  • [COMMAND_EXECUTION]: While Script Reports involve Python and JavaScript, the skill only provides documentation templates for these scripts and does not execute arbitrary shell commands.
  • [PROMPT_INJECTION]: No attempts to override agent behavior or bypass safety filters were detected in the instructions or metadata.
  • [DATA_EXFILTRATION]: No network operations or external data exfiltration patterns were identified.
  • [SAFE]: The skill includes a dedicated 'Guardrails' section and 'Common Mistakes' table that specifically warns users about SQL injection and the importance of permission checks (frappe.has_permission).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 08:05 AM
Security Audit — agent-trust-hub — frappe-reports