sfnext-configuration

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is purely instructional and provides guidelines for configuration management within the Storefront Next framework. No malicious patterns, obfuscation, or injection attempts were detected.
  • [CREDENTIALS_UNSAFE]: The documentation discusses environment variables and secrets, but it uses non-sensitive placeholders for example values (e.g., 'your-secret', 'abc123'). The skill explicitly reinforces secure practices for handling sensitive data by advising developers to avoid using the 'PUBLIC__' prefix for secrets and accessing them only via 'process.env' on the server.
  • [EXTERNAL_DOWNLOADS]: The skill references the '@salesforce/storefront-next-runtime/config' package, which is a legitimate library belonging to the author's organization.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 11:40 PM
Security Audit — agent-trust-hub — sfnext-configuration