odoo-web
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily instructional documentation and reference material for Odoo web development. It emphasizes security best practices such as selecting the appropriate authentication level (auth='user', auth='public', or auth='none') to prevent data exposure.
- [SAFE]: The instructions include specific warnings against insecure patterns, such as disabling CSRF on session-authenticated routes or using blanket sudo() calls in controllers. It recommends narrow, justified use of sudo() for public data access.
- [SAFE]: No malicious activities such as unauthorized data exfiltration, remote code execution, or prompt injection were detected. The example code provided follows standard Odoo framework patterns and security disciplines.
- [SAFE]: The skill encourages an 'introspect-first' approach, directing users to verify route tables and record rules on the running instance before writing code, which helps prevent configuration errors that could lead to security vulnerabilities.
Audit Metadata