spree-typescript-sdk
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to fetch and process content from external documentation sites and GitHub repositories. This behavior allows external data to enter the agent context, creating a surface for indirect prompt injection.
- Ingestion points: Instructions in
SKILL.mdto fetch documentation fromspreecommerce.organd GitHub. - Boundary markers: None. The skill does not provide instructions to the agent on how to delimit or treat the fetched content as potentially untrusted.
- Capability inventory: The skill environment allows for the use of
Bash,Write,Edit,Read, andWebFetchtools as specified in the frontmatter. - Sanitization: No sanitization or validation logic is specified for the content fetched from external sources.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and source code from
spreecommerce.organd GitHub. These are well-known official resources for the Spree e-commerce platform and the@spree/sdkpackage. - [COMMAND_EXECUTION]: The skill includes instructions for standard package installation using
npmandpnpmfor the@spree/sdkdependency. - [SAFE]: The skill provides explicit security recommendations, such as avoiding the exposure of administrative API keys in client-side code and using secure
httpOnlycookies for JWT storage.
Audit Metadata