marketplace-sdk-reference
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- Application Context Access: The documentation includes methods to access
app.context, which provides information about the current user, organization, and environment. While this involves handling sensitive user data such as email addresses, it is a routine feature for platform SDKs and follows expected integration patterns. - External Resource Reference: The skill instructs the agent to fetch the latest documentation from the official Sitecore developer portal. Using well-known, official sources for technical information is a standard and effective way to ensure accuracy.
- Content Processing Surface: The Brand Review API is designed to analyze various content types, which inherently involves processing untrusted external data.
- Ingestion points: User-provided text, images, and documents are passed to the
generateBrandReviewfunction inreferences/ai-api.md. Additionally, documentation is retrieved viaWebFetchas described inSKILL.md. - Boundary markers: The documentation does not currently specify the use of delimiters or 'ignore' instructions when processing this content.
- Capability inventory: The skill consists entirely of reference documentation and does not include any executable code, shell scripts, or system-level access.
- Sanitization: The reference materials do not explicitly detail sanitization or input validation steps for the content being reviewed.
- Integrated SDK Scopes: The skill references packages under the
@anthropic-aiscope, which are used to facilitate integrations between Sitecore and AI services. These scoped packages represent official vendor tools for developers.
Audit Metadata