spree-typescript-sdk

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to fetch and process content from external documentation sites and GitHub repositories. This behavior allows external data to enter the agent context, creating a surface for indirect prompt injection.
  • Ingestion points: Instructions in SKILL.md to fetch documentation from spreecommerce.org and GitHub.
  • Boundary markers: None. The skill does not provide instructions to the agent on how to delimit or treat the fetched content as potentially untrusted.
  • Capability inventory: The skill environment allows for the use of Bash, Write, Edit, Read, and WebFetch tools as specified in the frontmatter.
  • Sanitization: No sanitization or validation logic is specified for the content fetched from external sources.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and source code from spreecommerce.org and GitHub. These are well-known official resources for the Spree e-commerce platform and the @spree/sdk package.
  • [COMMAND_EXECUTION]: The skill includes instructions for standard package installation using npm and pnpm for the @spree/sdk dependency.
  • [SAFE]: The skill provides explicit security recommendations, such as avoiding the exposure of administrative API keys in client-side code and using secure httpOnly cookies for JWT storage.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — spree-typescript-sdk