odoo-security

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructions for the secure configuration of Odoo access controls. It focuses on using introspection tools ('odoo-ai') to extract and analyze real-time security data (ACLs and Record Rules) from the database rather than relying on potentially inaccurate source code assumptions.\n- [SAFE]: No evidence of prompt injection, data exfiltration, or malicious obfuscation was found. The skill includes warnings against common security risks, such as the misuse of 'sudo()' and the default RPC exposure of public methods in Odoo 18.2+.\n- [SAFE]: External references and tool usage ('odoo-introspect', 'odoo-debug', 'odoo-ai') are within the scope of the developer's toolset and do not involve untrusted third-party sources.\n- [SAFE]: The skill implements a security-first approach by instructing the agent to use explicit check methods ('check_access', 'has_access') and to document the rationale for any privileged operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 05:59 PM
Security Audit — agent-trust-hub — odoo-security