Skills
skills/orcaqubits/agentic-commerce-skills-plugins/saleor-deploy/Gen Agent Trust Hub

saleor-deploy

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch reference configuration from the official Saleor GitHub repository (saleor/saleor-platform). This is a well-known service, and the resource is used legitimately for deployment configuration.
  • [PROMPT_INJECTION]: The skill includes instructions to use WebSearch and WebFetch for documentation retrieval, creating an indirect prompt injection surface.
  • Ingestion points: WebSearch for deployment guides and WebFetch for GitHub repository content (SKILL.md).
  • Boundary markers: No explicit delimiters are used for the external content.
  • Capability inventory: The skill has access to Write, Edit, and Bash tools.
  • Sanitization: No specific sanitization of external documentation is implemented, but the risk is assessed as safe given the reliance on official vendor sources.
  • [SAFE]: No hardcoded credentials, malicious command execution, obfuscation, or data exfiltration patterns were found. Secret management instructions explicitly state to never store secrets in source code or images.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM