contentful-personalization
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a bash wrapper (`scripts/run`) to execute its core logic via a local Node.js binary (`contentful-personalization.mjs`). This is the standard operational model for the workflow engine it employs.
- [EXTERNAL_DOWNLOADS]: The `onboard` sub-skill is designed to automate the installation of official Contentful and Ninetailed SDK packages (e.g., `@ninetailed/experience.js`, `@contentful/optimization`) via package managers. These are trusted vendor-provided libraries.
- [DATA_EXFILTRATION]: The `doctor` and `onboard` sub-skills explore the project codebase and environment variables (e.g., `CONTENTFUL_TOKEN`, `NEXT_PUBLIC_NINETAILED_CLIENT_ID`) to verify configuration. This data access is used strictly for local diagnostics and setup verification.
- [PROMPT_INJECTION]: The `live-debug` functionality ingests content from external URLs using Chrome DevTools. While this presents an indirect prompt injection surface where a malicious webpage could attempt to influence the agent, the risk is inherent to the debugging purpose and is mitigated by the tool's limited diagnostic scope.
- [SAFE]: No signs of malicious obfuscation, credential theft, or unauthorized persistence mechanisms were found. The skill's behavior aligns with its documented purpose as a developer utility for Contentful services.
Audit Metadata