vtex-io-auth-tokens-and-context

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is an instructional resource focused on secure authentication practices within the VTEX IO environment.
  • [SAFE]: It promotes the principle of least privilege by requiring the use of user-specific tokens (STORE_TOKEN or ADMIN_TOKEN) for user-initiated actions instead of defaulting to broader application-level tokens.
  • [SAFE]: It explicitly prohibits insecure practices such as hardcoding API credentials (appKey and appToken) in source code or environment variables.
  • [SAFE]: The skill provides defensive coding patterns to prevent data exposure, such as forbidding the logging of raw tokens or returning them in service responses.
  • [SAFE]: All external references point to official VTEX developer documentation (developers.vtex.com).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 01:06 AM
Security Audit — agent-trust-hub — vtex-io-auth-tokens-and-context