cms
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- Environment Variable Management: The skill correctly utilizes environment variables (e.g., SANITY_API_TOKEN, CONTENTFUL_ACCESS_TOKEN) to manage sensitive credentials, ensuring that API keys are not hardcoded within the application logic.
- Webhook Security: The provided code for on-demand revalidation includes signature verification using a secret (SANITY_REVALIDATE_SECRET), which is a security consideration to prevent unauthorized requests from triggering cache updates.
- Access Control for Preview Modes: The implementation of Next.js Draft Mode uses a token-based check (DRAFT_SECRET) to ensure that only authorized users can access preview content.
- Use of Trusted SDKs: The skill references official and well-known SDKs from established CMS providers, which are standard tools for these integrations.
Audit Metadata