Skills
skills/vercel-labs/sitecore-skills/marketplace-add-ai/Gen Agent Trust Hub

marketplace-add-ai

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [External Component Download]: The skill uses npx shadcn@latest add to fetch a configuration file from marketplace-sdk.sitecorecloud.io. This is a standard procedure for UI component initialization and targets an official Sitecore cloud domain.
  • [Client-Side Data Ingestion]: The skill processes user-provided content (text, images, and PDFs) for analysis. While this involves sending data to an API, it is done through the @anthropic-ai/sitecore-marketplace-sdk-client within the application's own context, which is the primary purpose of the skill.
  • [Authentication and Environment Variables]: The implementation patterns reference process.env.NEXT_PUBLIC_SITECORE_APP_ID and Auth0 access tokens. This is consistent with standard secure authentication practices for modern web applications.
  • [Command Line Execution]: A setup command is provided to the user to install necessary dependencies. This command is transparent and points to a relevant industry source.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 06:45 PM