This one walks you through hardening VTEX IO app boundaries against exposure and leakage. Use it when reviewing whether a route should be public, validating external input at service boundaries, or checking if account, workspace, or user context could bleed across integrations. The core insight is treating every public route as an explicit trust boundary and never assuming internal service calls are inherently safe. It covers the gaps between authorization decisions (which token, which policy) and exposure decisions (what data crosses the line, what gets validated first). The constraints are practical: validate untrusted input immediately, never return raw downstream payloads, keep sensitive values out of logs, and always check context scope explicitly. Good for route hardening and integration reviews where the question is "is this boundary too permissive" rather than "who can call this."
npx skills add https://github.com/vtex/skills --skill vtex-io-security-boundaries