{ "$schema": "../../plugin-cli/schemas/emdash-plugin.schema.json", "slug": "sandboxed-test", "publisher": "did:plc:xyraubanwc5fwemkduw3upi6", // plugins.emdashcms.com "license": "MIT", "author": { "name": "Matt Kane" }, "security": { "url": "https://github.com/emdash-cms/emdash/security/advisories/new" }, "description": "Test plugin exercising sandboxed-plugin enforcement and feature surface.", // Trust contract. Reads content + a single declared storage // collection. Outbound HTTP restricted to httpbin.org so the // adversarial-fetch tests have a real allowed host to contrast // with the disallowed ones. "capabilities": ["content:read", "network:request"], "allowedHosts": ["httpbin.org"], "storage": { "events": { "indexes": ["timestamp", "type"] }, }, // Admin surface — rendered by the `admin` route handler via Block Kit. "admin": { "pages": [{ "path": "/sandbox", "label": "Sandbox Tests", "icon": "shield" }], "widgets": [{ "id": "sandbox-status", "title": "Sandbox Status", "size": "half" }], }, }