marketplace-add-extension
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [Input-Based File Scaffolding]: The skill uses the provided extension type to determine the destination for generated route files. \n
- Ingestion points: The user-supplied extension type is captured via the
argument-hintinSKILL.md. \n - Boundary markers: No explicit delimiters are used to wrap the input during the construction of file paths. \n
- Capability inventory: The workflow involves file system write operations to create new component files in the
app/directory. \n - Sanitization: Input validation is not explicitly defined, relying on the agent to interpret the path based on the provided templates. \n- [Project Infrastructure Dependencies]: The React templates provided in
references/extension-types.mdreference local project hooks and UI components (e.g.,@/hooks/use-sitecore). This assumes the target application has a compatible architecture and these components are already available in the workspace.
Audit Metadata