medusa-fulfillment

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a documentation reference and implementation guide for the Medusa v2 fulfillment module. It contains no executable scripts, binaries, or automated command execution that would present a security risk.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch documentation from 'docs.medusajs.com' and use web search to find relevant API references. These are well-known, official documentation sources for the Medusa project and are considered safe.
  • [PROMPT_INJECTION]: No evidence of prompt injection, role-play bypasses, or safety-guideline overrides were detected in the instructions.
  • [DATA_EXFILTRATION]: There are no patterns suggesting the access or exfiltration of sensitive environment variables, credentials, or local system files.
  • [COMMAND_EXECUTION]: While the skill's frontmatter allows the 'Bash' tool, the content itself does not contain any shell commands or instructions to execute arbitrary code.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:50 PM
Security Audit — agent-trust-hub — medusa-fulfillment