frappe-dev
Pass
Audited by Gen Agent Trust Hub on Jun 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the
benchCLI to manage Frappe applications, including site creation, app installation, and database migrations. These are necessary operations for the skill's stated purpose of Frappe development. - [CREDENTIALS_UNSAFE]: The skill provides instructions for the user to set database root passwords and admin passwords using the
benchCLI. These instructions are intended for local development site setup and do not involve harvesting or exfiltrating credentials. - [SAFE]: The skill follows Frappe Framework security best practices, such as recommending Python type hints to prevent type-confusion attacks in APIs and using
frappe.db.escapefor SQL fragments in permission queries.
Audit Metadata