strapi-v5
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as an instructional guide for the Strapi v5 REST API and does not contain any malicious code or behavior.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets or API keys were detected. The skill correctly uses environment variables (e.g.,
process.env.STRAPI_TOKEN) and placeholders (e.g.,TOKEN="...") to guide the user in managing authentication securely. - [COMMAND_EXECUTION]: The provided
curland Node.js code examples are safe templates for interacting with a REST API. They do not execute arbitrary commands, modify system configurations, or attempt privilege escalation. - [EXTERNAL_DOWNLOADS]: All network operations and URL references target legitimate, well-known services associated with Strapi (such as
*.strapiapp.com,docs.strapi.io, andgithub.com/strapi/strapi). No downloads from untrusted or suspicious external sources are present. - [DATA_EXFILTRATION]: There are no patterns suggesting unauthorized data collection or exfiltration. Network requests are strictly for the purpose of communicating with the user's own Strapi instance.
- [OBFUSCATION]: The content is clear and readable. No obfuscation techniques such as Base64 encoding of commands, zero-width characters, or homoglyphs were found.
Audit Metadata