payment-provider-framework

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a technical manual for the VTEX IO Payment Provider Framework. All instructions, constraints, and code patterns align with official VTEX documentation and standard practices for payment integration.
  • [SAFE]: The dependency management section correctly identifies specific package versions required to maintain compatibility with the platform's TypeScript 3.9.7 compiler. These are well-known development packages (e.g., @vtex/api, @types/node) from a trusted ecosystem.
  • [SAFE]: The instructions regarding Secure Proxy promote secure handling of sensitive card data by ensuring it is transmitted through an isolated, PCI-compliant proxy rather than being processed directly by the connector's own code.
  • [SAFE]: Permissions requested (e.g., vbase-read-write, outbound-access) are scoped to the necessary functionality of a payment connector within the VTEX IO sandbox environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 01:05 AM
Security Audit — agent-trust-hub — payment-provider-framework