contentful-nextjs
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses dynamic context injection to perform diagnostic checks on the project environment, such as detecting the installed packages and the Next.js router type (App vs Pages).
- [SAFE]: Environment variable inspection is handled securely; while the skill verifies the presence of Contentful credentials in
.envfiles, it uses a pipe tosedto mask the actual secrets before the output is processed. - [SAFE]: Recommended dependencies and external documentation links point exclusively to official Contentful domains or trusted repositories from well-known organizations like Vercel.
- [SAFE]: The documentation reinforces security best practices by advising the use of
.env.localfor secret management and warning against exposing tokens in client-side bundles.
Audit Metadata