Skills
skills/contentful/skills/contentful-custom-app-from-scratch/Gen Agent Trust Hub

contentful-custom-app-from-scratch

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructional workflows for building Contentful apps. It includes explicit security advice such as keeping secrets out of code (references/app-planning.md), using secret installation parameters for sensitive data, and developing in sandbox environments.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx create-contentful-app@latest to scaffold new projects. This is the official and well-known initialization tool for Contentful development.
  • [COMMAND_EXECUTION]: The skill suggests standard development commands like npm install, typecheck, and lint. It also includes a diagnostic rg (ripgrep) command to audit code for inefficient API usage patterns related to Contentful installation parameters.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were detected. The skill specifically instructs the agent to avoid placing tokens or credentials in logs, source files, or screenshots.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 09:18 PM
Security Audit — agent-trust-hub — contentful-custom-app-from-scratch