sanity
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill provides standard development instructions and does not contain any patterns intended to bypass safety filters or override system behavior.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file path access detected. Code snippets for the Sanity client correctly demonstrate using environment variables for project IDs and datasets.
- [Obfuscation] (SAFE): No encoded strings, zero-width characters, or homoglyphs were found in the provided text.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard and trusted Node.js libraries (@sanity/client and @sanity/image-url). There are no commands for remote script execution or dynamic code evaluation.
- [Privilege Escalation] (SAFE): No commands involving sudo, chmod, or administrative privilege modifications are present.
- [Persistence Mechanisms] (SAFE): The skill does not attempt to modify shell configurations or system startup services.
Audit Metadata