netsuite-sdf-safe-guide

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety filters, or extract system prompts were detected. The instructional language is entirely focused on the technical domain of NetSuite development.
  • [DATA_EXFILTRATION]: No sensitive file access (e.g., .ssh, .aws) or unauthorized network requests were found. The skill explicitly guides users on how to use NetSuite's API Secrets Management to avoid hardcoding credentials, which is a high-quality security practice.
  • [EXTERNAL_DOWNLOADS]: Dependencies mentioned (e.g., @oracle/suitecloud-unit-testing, @oracle/netsuite-uif-types) are official packages from a well-known service provider (Oracle). No risky downloads from untrusted sources or paste sites were identified.
  • [COMMAND_EXECUTION]: The skill uses standard NetSuite development commands (e.g., 'suitecloud project:deploy', 'suitecloud project:validate') within the appropriate context of an SDF project. No arbitrary or high-risk command execution patterns were found.
  • [PRIVILEGE_ESCALATION]: The skill includes explicit security warnings against using the ADMINISTRATOR role for script execution and provides patterns for implementing least-privilege custom roles.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 08:11 PM
Security Audit — agent-trust-hub — netsuite-sdf-safe-guide