bc-headless

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides standard architectural guidance and implementation patterns for BigCommerce headless commerce, referencing official documentation at catalyst.dev and developer.bigcommerce.com.
  • [EXTERNAL_DOWNLOADS]: Recommends bootstrapping projects using npx create-catalyst-storefront@latest, which is the official initialization tool provided by BigCommerce on the npm registry.
  • [COMMAND_EXECUTION]: Instructions involve standard project initialization and development workflows using Bash and Node.js. No suspicious or obfuscated commands were detected.
  • [DATA_EXFILTRATION]: While the skill lists environment variables for API credentials (e.g., BIGCOMMERCE_ACCESS_TOKEN), these are documented as placeholders for user configuration. No hardcoded secrets or unauthorized data transmission patterns are present.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — bc-headless