bc-setup

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or provided scripts.
  • [EXTERNAL_DOWNLOADS]: The skill installs the official @bigcommerce/stencil-cli package via npm and utilizes npx create-catalyst-storefront. These are standard tools provided by the platform vendor for theme and headless development.
  • [DATA_EXFILTRATION]: Instructions provide templates for managing API credentials (Client ID, Access Token, Client Secret). The skill correctly advises storing these in .env and .stencil files and explicitly mandates adding these files to .gitignore to prevent credential exposure.
  • [COMMAND_EXECUTION]: Includes standard shell commands for package installation and local development server management (npm install, stencil start, stencil init). All commands are contextually appropriate for the stated purpose of setting up a BigCommerce development environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM
Security Audit — agent-trust-hub — bc-setup