frappe-ops-website-deploy

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill implements secure credential management protocols.
    • Documentation in SKILL.md explicitly warns users against hardcoding ERPNext API keys and secrets, recommending the use of environment variables or secure configurations instead.
  • [EXTERNAL_DOWNLOADS]: The deployment script references assets from well-known and trusted external services.
    • The scripts/deploy.py script configures website headers to load font resources from official Google domains (fonts.googleapis.com and fonts.gstatic.com).
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the ingestion of local mockup data.
    • Ingestion points: The scripts/deploy.py script reads HTML and CSS files from a local directory provided as a command-line argument.
    • Boundary markers: None; the extracted HTML content is processed as a raw section for Frappe Web Pages without wrapping in security delimiters.
    • Capability inventory: The skill uses the requests library to perform authenticated API calls (GET, POST, PUT) to create or update Web Templates, Web Pages, and Website Settings on a remote server.
    • Sanitization: Content is modified for layout purposes (link rewriting, body extraction) but is not validated or sanitized for embedded malicious scripts prior to deployment.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 12:23 PM