bc-checkout
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill refers to the installation of the official @bigcommerce/checkout-sdk package and provides a link to the bigcommerce/checkout-js GitHub repository, both of which are official resources from a well-known service provider.
- [PROMPT_INJECTION]: The skill is designed to ingest external data from BigCommerce's official developer documentation and through web searches for API references. While this creates a surface for indirect prompt injection, it is the primary intended function of the skill and targets highly trusted sources. Ingestion points: Documentation URLs and search results in SKILL.md. Boundary markers: None. Capability inventory: Uses Bash, Write, and Edit tools to implement checkout logic. Sanitization: Standard implementation without explicit validation of fetched documentation content.
Audit Metadata