Skills
skills/contentful/skills/contentful-nextjs/Gen Agent Trust Hub

contentful-nextjs

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill utilizes dynamic context injection (!command) in SKILL.md to help the agent understand the project state. These commands inspect package.json for installed dependencies and check for the presence of Contentful environment variables in .env files. The output of the environment variable check is explicitly masked using sed 's/=.*/=<set>/', ensuring sensitive tokens are not exposed to the agent context.
  • [SAFE]: External references and documentation links point to official Contentful domains and the Vercel (Next.js) GitHub repository. These are well-known and trusted sources for the technology stack described.
  • [SAFE]: The skill recommends standard package installations via npm install contentful and @contentful/rich-text-*, which are the official vendor-supported libraries.
  • [SAFE]: Security best practices are encouraged, such as storing API tokens in .env.local and ensuring client initialization logic keeps sensitive credentials on the server side in Next.js applications.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 01:36 PM