build-tinacms-nextjs
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily educational and instructional, providing patterns for content modeling, visual editing, and deployment with TinaCMS.
- [COMMAND_EXECUTION]: Includes local utility scripts (scripts/check-tina-versions.sh and scripts/check-tina-env.sh) that use standard tools like find, grep, and node to safely inspect project configuration and dependency versions. These scripts are read-only and do not alter the user's environment.
- [CREDENTIALS_UNSAFE]: Environment variable handling follows security best practices, using placeholders and advising against committing .env.local files containing real secrets.
- [REMOTE_CODE_EXECUTION]: All referenced software packages are standard, well-known libraries from the official NPM registry. No untrusted remote script execution was found.
- [PROMPT_INJECTION]: The skill uses clear, directive language without attempting to override the agent's core safety protocols or system instructions.
Audit Metadata