spree-testing

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a technical reference for writing tests in Spree applications. All code samples utilize standard Ruby on Rails testing libraries (RSpec, FactoryBot, Capybara) and mock external APIs (Stripe) appropriately.
  • [EXTERNAL_DOWNLOADS]: The skill directs the agent to fetch documentation from the official Spree Commerce website (spreecommerce.org) and check the status of the well-known spree_dev_tools gem on RubyGems and GitHub. These are trusted sources for development information and do not pose a security risk.
  • [COMMAND_EXECUTION]: Provides standard development commands for running tests (bundle exec rspec) and generating dummy applications for extension testing (bundle exec rake test_app). These are typical for the described workflow.
  • [DATA_EXPOSURE]: Includes an example of testing an API endpoint that uses a bearer token. The token is dynamically generated in the test environment using a FactoryBot factory (create(:publishable_api_key)), which is a secure and standard practice for integration testing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — spree-testing