strapi
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive technical guide for integrating with Strapi CMS, following industry-standard practices and using official ecosystem tools.
- [EXTERNAL_DOWNLOADS]: The instructions involve installing official Node.js packages (@strapi/client, @strapi/plugin-graphql) and running the official project initializer (create-strapi) via npm and npx, which are standard procedures for this well-known service.
- [DATA_EXFILTRATION]: No sensitive data access or exfiltration patterns were detected; the skill demonstrates best practices by using environment variables and placeholders for credentials.
- [INDIRECT_PROMPT_INJECTION]: The Next.js integration example includes the use of dangerouslySetInnerHTML to render CMS content; while common for rendering rich text in CMS-driven applications, this represents a potential data-handling surface for external content that requires trusted input sources.
Audit Metadata