medusa-storefront
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains standard technical documentation, directory structures, and code snippets for implementing a MedusaJS storefront with Next.js 15.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to use
WebSearchandWebFetchto retrieve official documentation fromdocs.medusajs.comand the official starter template from themedusajsGitHub organization. These are well-known, legitimate sources for the technology being integrated. - [COMMAND_EXECUTION]: While the skill allows the
Bashtool, its instructions focus on code generation and project structure rather than executing arbitrary or dangerous commands. Standard shell commands for package management or project initialization are expected in this developer context. - [CREDENTIALS_UNSAFE]: The skill includes placeholders for environment variables (
NEXT_PUBLIC_MEDUSA_PUBLISHABLE_KEY=pk_...). These are safe examples of public-facing API keys required for storefront functionality and do not contain sensitive secrets.
Audit Metadata