medusa-api-routes
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides developer-focused instructions for extending the Medusa v2 commerce framework. All code snippets follow standard TypeScript conventions for this framework.
- [EXTERNAL_DOWNLOADS]: The skill uses
WebSearchandWebFetchto retrieve current documentation fromdocs.medusajs.com, which is the official site for a well-known commerce platform. This is a benign use of external data to ensure the agent uses the most up-to-date API specifications. - [COMMAND_EXECUTION]: The skill allows the use of standard development tools such as
Bash,Write, andEdit. These tools are scoped to the intended purpose of creating and modifying project files (src/api/*) and do not perform unauthorized system-level operations. - [DATA_EXFILTRATION]: No patterns associated with credential harvesting, sensitive file access (e.g.,
.env, SSH keys), or unauthorized data transmission were found. - [PROMPT_INJECTION]: The instructions focus on technical implementation and do not contain attempts to override agent safety guidelines or manipulate the model's underlying logic.
Audit Metadata