skills/openaec-foundation/erpnext_anthropic_claude_development_skill_package/frappe-syntax-clientscripts/Gen Agent Trust Hub
frappe-syntax-clientscripts
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and syntax reference for writing JavaScript client scripts within the Frappe/ERPNext framework. All code snippets follow standard platform conventions for UI manipulation and server communication.
- [SAFE]: The documentation explicitly promotes security best practices, including a 'CRITICAL' warning that client-side validation must be paired with server-side validation to prevent bypasses via API calls or system consoles.
- [SAFE]: No patterns of prompt injection, data exfiltration, or obfuscation were detected. Network operations documented (such as
frappe.call) are standard for the platform's client-server architecture and are used here in an educational context. - [SAFE]: The skill uses placeholders (e.g., 'myapp.api.process_data') for server-side methods and correctly identifies the author as 'OpenAEC-Foundation', consistent with the provided vendor context.
Audit Metadata