site-management
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes legitimate API calls to official Wix endpoints (
www.wixapis.com) to retrieve site information as part of its core functionality. - [COMMAND_EXECUTION]: Uses standard shell commands like
cat,echo, andjqfor reading and writing site selection preferences to a local configuration file (~/.claude/wix-selected-site.json). These operations are constrained to the user's home directory and are used for persistence of user-selected settings. - [CREDENTIALS_UNSAFE]: References a
WIX_ACCESS_TOKENenvironment variable. The skill correctly instructs users to manage this via standard platform configuration rather than hardcoding values. It uses standard Authorization headers for API requests. - [DATA_EXFILTRATION]: No unauthorized data exfiltration was detected. Network operations are limited to the vendor's official API domain (
wixapis.com) for the purpose of managing the user's own site data.
Audit Metadata