vtex-io-auth-tokens-and-context
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is an instructional resource focused on secure authentication practices within the VTEX IO environment.
- [SAFE]: It promotes the principle of least privilege by requiring the use of user-specific tokens (STORE_TOKEN or ADMIN_TOKEN) for user-initiated actions instead of defaulting to broader application-level tokens.
- [SAFE]: It explicitly prohibits insecure practices such as hardcoding API credentials (appKey and appToken) in source code or environment variables.
- [SAFE]: The skill provides defensive coding patterns to prevent data exposure, such as forbidding the logging of raw tokens or returning them in service responses.
- [SAFE]: All external references point to official VTEX developer documentation (developers.vtex.com).
Audit Metadata