Skills
skills/orcaqubits/agentic-commerce-skills-plugins/medusa-security/Gen Agent Trust Hub

medusa-security

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill provides educational content and best practices for securing Medusa v2 e-commerce applications. It outlines the separation of admin and storefront authentication, explains the differences between publishable and secret API keys, and details proper CORS and session configuration.
  • [EXTERNAL_DOWNLOADS]: Fetches official architectural guidelines and security documentation from docs.medusajs.com to ensure configuration steps align with current developer standards.
  • [SAFE]: Analysis of data ingestion surface:
  • Ingestion points: Documentation is retrieved via WebFetch and WebSearch from docs.medusajs.com (SKILL.md).
  • Boundary markers: The skill does not explicitly define delimiters for the fetched content.
  • Capability inventory: The agent has access to Bash, Write, Edit, Grep, and Glob tools.
  • Sanitization: No specific filtering or validation of the external documentation content is defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM