api-cms-sanity
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious override patterns or jailbreak attempts were detected. The instructional content focuses on project conventions and development requirements.
- [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were identified. The skill correctly advises storing sensitive API tokens in environment variables and warns against exposing them in client-side code.
- [REMOTE_CODE_EXECUTION]: No patterns for downloading or executing arbitrary remote code were found. The skill uses official Sanity SDKs for content management.
- [COMMAND_EXECUTION]: Shell commands are restricted to standard CLI operations for project initialization and management. No dangerous commands or privilege escalation attempts were found.
- [SAFE]: The skill promotes security best practices, specifically mandating the use of parameterized GROQ queries to prevent injection vulnerabilities.
Audit Metadata