medusa-fulfillment
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation reference and implementation guide for the Medusa v2 fulfillment module. It contains no executable scripts, binaries, or automated command execution that would present a security risk.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch documentation from 'docs.medusajs.com' and use web search to find relevant API references. These are well-known, official documentation sources for the Medusa project and are considered safe.
- [PROMPT_INJECTION]: No evidence of prompt injection, role-play bypasses, or safety-guideline overrides were detected in the instructions.
- [DATA_EXFILTRATION]: There are no patterns suggesting the access or exfiltration of sensitive environment variables, credentials, or local system files.
- [COMMAND_EXECUTION]: While the skill's frontmatter allows the 'Bash' tool, the content itself does not contain any shell commands or instructions to execute arbitrary code.
Audit Metadata