Skills
skills/orcaqubits/agentic-commerce-skills-plugins/magento-plugins-interceptors/Gen Agent Trust Hub

magento-plugins-interceptors

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches official documentation from Adobe's developer portal (developer.adobe.com). This is a well-known service for Magento development and is documented neutrally as a trusted source of technical information.
  • [PROMPT_INJECTION]: The skill maintains an attack surface for indirect prompt injection by processing external web content. 1. Ingestion points: Technical documentation is retrieved from https://developer.adobe.com/commerce/php/development/components/plugins/ using the WebFetch tool. 2. Boundary markers: No specific delimiters or safety instructions are defined to separate external content from internal logic. 3. Capability inventory: The agent is authorized to use Bash, Write, and Edit tools, which allows for filesystem modification and command execution based on processed data. 4. Sanitization: The skill does not implement validation or filtering for the fetched data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM