sfnext-configuration
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional and provides guidelines for configuration management within the Storefront Next framework. No malicious patterns, obfuscation, or injection attempts were detected.
- [CREDENTIALS_UNSAFE]: The documentation discusses environment variables and secrets, but it uses non-sensitive placeholders for example values (e.g., 'your-secret', 'abc123'). The skill explicitly reinforces secure practices for handling sensitive data by advising developers to avoid using the 'PUBLIC__' prefix for secrets and accessing them only via 'process.env' on the server.
- [EXTERNAL_DOWNLOADS]: The skill references the '@salesforce/storefront-next-runtime/config' package, which is a legitimate library belonging to the author's organization.
Audit Metadata