bc-payments
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as an educational and implementation guide for BigCommerce APIs. It does not contain malicious instructions or hidden payloads.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation and endpoints from BigCommerce (developer.bigcommerce.com and payments.bigcommerce.com). These are well-known service domains and are used legitimately for fetching technical documentation and processing API requests.
- [PROMPT_INJECTION]: No evidence of prompt injection, role-play bypasses, or instructions to ignore safety guidelines were found.
- [DATA_EXFILTRATION]: There are no hardcoded credentials or attempts to access sensitive local system files. The skill specifically includes a 'Best Practices' section advising against logging or storing raw payment data.
- [COMMAND_EXECUTION]: While the skill lists Bash as an allowed tool, it does not provide any instructions to execute dangerous or unauthorized commands. Its focus is on API interaction logic.
Audit Metadata