spree-api-v3
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches technical documentation and OpenAPI specifications from the official Spree Commerce website to ensure accuracy during development.
- [COMMAND_EXECUTION]: Includes instructions to generate a TypeScript client using the well-known
@openapitools/openapi-generator-clipackage. - [PROMPT_INJECTION]: The skill identifies external documentation as a source of information, which represents an indirect prompt injection surface.
- Ingestion points: Documentation URLs and OpenAPI specifications from the official vendor site (
spreecommerce.org) referenced inSKILL.md. - Boundary markers: None explicitly defined for processing external data.
- Capability inventory: The skill utilizes file system tools (
Write,Edit) and shell execution (Bash) for development tasks. - Sanitization: No specific content validation or filtering for external documentation is provided.
Audit Metadata