contentful-api
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a language-agnostic documentation guide for Contentful's APIs. It contains instructional content and curl examples without any embedded executable scripts or code.
- [SAFE]: All network requests in the examples target official Contentful domains, including api.contentful.com, cdn.contentful.com, preview.contentful.com, images.ctfassets.net, and graphql.contentful.com. These are established services belonging to the skill's vendor.
- [SAFE]: The skill follows security best practices for credential management. It uses placeholders (e.g., {cma_token}) in its examples and includes a dedicated section on authentication security that explicitly warns against committing tokens to version control and recommends using environment variables.
- [SAFE]: No obfuscation, persistence mechanisms, or unauthorized privilege escalation patterns were detected. The skill's behavior is entirely consistent with its described purpose as an API guide.
Audit Metadata