Skills
skills/orcaqubits/agentic-commerce-skills-plugins/bc-app-dev/Gen Agent Trust Hub

bc-app-dev

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches live documentation and integration guides from the official BigCommerce developer portal.
  • [DATA_EXFILTRATION]: Outlines standard OAuth 2.0 token exchange procedures using official BigCommerce endpoints and recommends security measures such as token encryption and JWT signature verification.
  • [COMMAND_EXECUTION]: References the installation of the official @bigcommerce/big-design library from the npm registry for building integrated admin interfaces.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by instructing the agent to ingest data from web searches and the BigCommerce documentation site while having write and shell access. 1. Ingestion points: BigCommerce developer portal and web search results. 2. Boundary markers: Absent. 3. Capability inventory: Write, Edit, and Bash. 4. Sanitization: Absent. The surface is categorized as low risk due to the focus on official technical documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM