medusa-api-routes

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides developer-focused instructions for extending the Medusa v2 commerce framework. All code snippets follow standard TypeScript conventions for this framework.
  • [EXTERNAL_DOWNLOADS]: The skill uses WebSearch and WebFetch to retrieve current documentation from docs.medusajs.com, which is the official site for a well-known commerce platform. This is a benign use of external data to ensure the agent uses the most up-to-date API specifications.
  • [COMMAND_EXECUTION]: The skill allows the use of standard development tools such as Bash, Write, and Edit. These tools are scoped to the intended purpose of creating and modifying project files (src/api/*) and do not perform unauthorized system-level operations.
  • [DATA_EXFILTRATION]: No patterns associated with credential harvesting, sensitive file access (e.g., .env, SSH keys), or unauthorized data transmission were found.
  • [PROMPT_INJECTION]: The instructions focus on technical implementation and do not contain attempts to override agent safety guidelines or manipulate the model's underlying logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:50 PM
Security Audit — agent-trust-hub — medusa-api-routes