Skills
skills/orcaqubits/agentic-commerce-skills-plugins/medusa-fulfillment/Gen Agent Trust Hub

medusa-fulfillment

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches live documentation and API references from MedusaJS's official domain (docs.medusajs.com).
  • [PROMPT_INJECTION]: Evaluated for indirect prompt injection surface as the skill ingests external documentation to guide code generation.
  • Ingestion points: WebSearch and WebFetch operations targeting docs.medusajs.com (SKILL.md).
  • Boundary markers: No specific delimiters or markers are defined for external content.
  • Capability inventory: The skill lists Bash, Write, and Edit tools in its allowed-tools configuration (SKILL.md).
  • Sanitization: No explicit sanitization or validation of the fetched documentation content is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:11 AM