xm-cloud
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill serves as a legitimate technical guide for Sitecore XM Cloud development.
- [PROMPT_INJECTION]: The content does not contain instructions aimed at bypassing safety filters or overriding system behaviors.
- [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized data access patterns were found. Environment variable examples for Sitecore API keys and endpoints use placeholders (e.g., 'your-api-key-here'), and network operations target well-known Sitecore domains.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known Node.js packages such as '@sitecore-jss/sitecore-jss-nextjs' and 'graphql-request'. There are no instances of remote code execution or downloads from unverified sources.
- [COMMAND_EXECUTION]: The skill does not include any scripts or commands that execute system processes or shell commands.
Audit Metadata