spree-security

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides high-quality technical documentation and configuration examples for securing Spree deployments. It covers critical areas such as authentication via Devise, authorization via CanCanCan, and mitigation strategies for common Rails-specific vulnerabilities like SQL injection and cross-site scripting.- [EXTERNAL_DOWNLOADS]: Mentions official security resources including the Spree security policy on GitHub and the Ruby Advisory Database (rubysec.com). These references point to established, trusted industry sources for vulnerability tracking and are appropriate for the skill's stated purpose.- [CREDENTIALS_UNSAFE]: Promotes secure secret management by explicitly advising against committing master keys to version control and recommending the use of platform-level secret managers or Rails' built-in encrypted credentials system.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — spree-security