peristyle-grocery-cart
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill implements proactive defenses against indirect prompt injection by explicitly instructing the agent to treat all recipe content and API responses as untrusted data. It provides specific instructions to detect and ignore embedded directives such as "ignore previous instructions" or requests to exfiltrate keys, correctly surfacing them as suspicious to the user.
- [CREDENTIALS_UNSAFE]: The skill manages user OAuth tokens and includes strict handling rules: the agent is prohibited from echoing tokens in logs or output and is instructed to store them in a local configuration file at
~/.config/peristyle-grocery-cart/api-keyonly when the recommended MCP server is unavailable. - [COMMAND_EXECUTION]: To ensure credential security, the skill instructs the agent to apply restricted file permissions (
chmod 600) to its local configuration file, adhering to the principle of least privilege for sensitive data storage. - [EXTERNAL_DOWNLOADS]: The skill is pinned to the vendor's official API at
api.peristyle.iofor all data retrieval and cart operations. It includes a specific guardrail to treat unexpected base URLs as a red flag, preventing unauthorized network connections. - [NO_CODE]: The skill consists entirely of instructional markdown and evaluation files, containing no executable scripts, binaries, or active code within the package.
Audit Metadata