Adoption & Strategy6 min readβ€’

Top 5 Mistakes Teams Make Adding AI to Their CMS

Six months into an AI content initiative, a team ships an "AI-powered" CMS: a ChatGPT button bolted onto the rich-text field.

Six months into an AI content initiative, a team ships an "AI-powered" CMS: a ChatGPT button bolted onto the rich-text field. Editors click it, paste in a prompt, and get back plausible-sounding copy that no one can trace, review, or govern. The content model still can't tell a product spec from a marketing claim, retrieval pulls stale data, and legal is asking who approved the hallucinated statistic that shipped to production. The pilot stalls, and the "AI CMS" becomes a demo no one trusts in the editorial loop.

The mistake is almost never the model. It is the assumption that AI is a feature you add to a CMS rather than a capability the CMS has to be built for. Sanity is the AI Content Operating System, an intelligent backend designed to keep AI workflows governed, reviewable, and grounded inside the same system where editors already work. When AI is wired into the data model, the editor, and the delivery layer, generation and retrieval become first-class operations instead of risky bolt-ons.

This article ranks the five most common mistakes teams make adding AI to their CMS, from the plugin trap to skipping governance, and shows what a purpose-built approach does differently at each step.

1. Treating AI as a plugin instead of a platform capability

The most common failure is the fastest to ship: install a plugin that wires an LLM to your rich-text editor and call the CMS "AI-native." A community payload-ai plugin, a Strapi AI add-on, or a Directus OpenAI Flow gives editors a generate button in an afternoon. The demo lands, the roadmap ticks a box, and the trouble starts the week after.

What goes wrong is structural. A bolted-on plugin sees a text field, not your content model. It cannot enforce that a generated product description keeps its required fields, respects your taxonomy, or lands in draft rather than live. It has no memory of your brand voice beyond the prompt someone pasted, and it leaves no reviewable trail. Legacy CMSes bolt on AI as an afterthought; the model is still just a chat box hovering over a form.

This fits poorly anywhere the output has to be trusted. A blog sandbox tolerates it. A regulated product catalog, a docs site, or a localized storefront does not, because the plugin cannot reason about structure or safety.

Sanity's distinguishing claim is that AI is wired into the data model, the editor, and the delivery layer rather than added on top. Agent Actions are schema-aware: an LLM workflow that generates or transforms content operates against your actual document types and validation rules, not a naked string. AI Assist lives inside the Studio so editors can rewrite a block in a different voice or translate a page's headings into several locales without leaving the review workflow. The AI understands the shape of your content because the platform was built for it, not because a plugin guessed.

2. Skipping the content model so AI has nothing solid to reason about

The second mistake is quieter and more expensive: pointing AI at a content base that was never modeled for machines to read. Years of freeform HTML blobs, PDFs dumped into a media library, and pages where the "structure" lives in a designer's head. Teams assume a capable enough model will make sense of the mess. It does not; it makes confident guesses about the mess.

Unstructured content breaks every AI operation downstream. Chunking a giant HTML field for retrieval shreds the meaning that lived in the layout. Generation has no fields to fill, so it produces prose that a human then has to disassemble back into structure. Semantic search returns whole documents when the answer was one section. Legacy systems create silos, and each silo is a place the AI cannot see.

Modeling your business is the first pillar of a Content Operating System, and it is what makes everything after it possible. Portable Text stores rich text as structured blocks, marks, and annotations rather than a wall of markup, so meaning survives chunking, retrieval, and generation intact. When an LLM reads Portable Text, it sees headings as headings and a citation as a citation.

A concrete example: a support team turns its help articles into a Knowledge Base, sources become agent-readable governed content, and an Embeddings Index API makes them semantically searchable. Because dataset embeddings are tied to the content itself, freshness is automatic; edit an article and its retrieval representation updates, with no separate vector pipeline to keep in sync. The model finally has something solid to reason about.

Illustration for Top 5 Mistakes Teams Make Adding AI to Their CMS
Illustration for Top 5 Mistakes Teams Make Adding AI to Their CMS

3. Bolting on a separate vector database you have to keep in sync

The third mistake looks like diligence. A team decides to do retrieval "properly," stands up a standalone vector database, and builds a pipeline to embed content and push vectors into it. Pinecone or a similar store now holds a second, parallel copy of the content's meaning. On the architecture diagram it looks complete. In production it drifts.

The problem is that the CMS and the vector store are now two systems of record for the same content, joined by a pipeline someone has to own. An editor fixes a price or retracts a claim, and until the sync job runs, retrieval still serves the old embedding. Delete a document and the orphaned vector lingers. Every schema change means re-embedding. The team spends its AI budget maintaining plumbing instead of improving answers, and the freshness gap becomes the source of the next hallucination.

This approach fits when embeddings must live outside the content system for reasons of scale or specialized indexing, and mature vector databases are genuinely good at that job. It fits poorly when the content and its embeddings should simply never disagree.

Sanity collapses the two systems. The Embeddings Index API and dataset embeddings keep semantic search inside the Content Lake, tied to the content, so there is no separate vector pipeline to maintain and no drift window to manage. Content Lake real-time subscriptions can feed downstream LLM workflows the moment content changes. The CMS owning the embeddings is not a shortcut; it is the design that removes an entire class of sync bugs from the roadmap.

4. Assuming the LLM will get facts right without grounding

The fourth mistake is trusting fluency. The output reads well, so it must be correct. A generated FAQ cites a statistic that was never in your content. A product summary invents a compatibility claim. Because the prose is polished, it clears a casual review and ships, and the first person to catch the error is a customer or a regulator.

Hallucination is not a model defect you can prompt away; it is what an ungrounded model does by default. If the LLM is generating from its training data and a loose instruction rather than from your actual, current content, it will fill gaps with plausible fiction. The fix is retrieval-augmented generation done against a trustworthy, up-to-date source, which is precisely the content your CMS already holds. Legacy CMSes stop at publishing, so they were never designed to be that grounded source of truth for a model.

Sanity Context is the grounding product for agents: it turns your governed content into the retrieval layer an LLM answers from, so generation is anchored to what you have actually published rather than to the model's guesses. Because it draws on the same Content Lake your editors maintain, the grounding stays current as the content does. When the topic is deep agent retrieval architecture, that is a subject in its own right, and the conceptual deep dives live at agent-context.org.

A concrete example: an AI Assist action inside the Studio fact-checks a drafted claim against a Knowledge Base before an editor publishes, surfacing the source passage instead of a confident assertion. The editor sees where the claim came from, or that it came from nowhere, and decides. Grounding turns AI from a liability into a reviewable assistant.

5. Shipping AI content with no governance, review, or audit trail

The final mistake is the one that gets teams called into a meeting. AI starts producing content at a volume humans never could, and it flows straight to production with no staging, no approval, and no record of what the model touched. Everything is faster right up until something is wrong, and then no one can answer who generated it, what it was grounded on, or when it went live.

Governance is not paperwork you add later; at AI volume it is the thing that makes the volume safe. Rigid CMSes force you to scale people to keep up with output, which defeats the point of adding AI at all. What you actually need is to scale output while keeping a human in the loop by design, with every AI-touched change staged, reviewed, and attributable.

Automating everything is a pillar of the Content Operating System, but it only works alongside the governance that makes automation trustworthy. In Sanity, Functions run serverless automation on content events, translate-on-publish, moderate-on-publish, or enrich-on-publish, so AI work happens inside defined pipelines rather than ad hoc. Content Releases let teams stage a batch of AI-generated or AI-transformed changes, review them together, and schedule the publish. Studio Workspaces plus Roles & Permissions decide who can run which AI actions, and Audit logs record what happened.

On compliance, Sanity maintains SOC 2 Type II, supports GDPR, offers regional hosting and data residency, and publishes its sub-processor list, so AI content operations sit on a foundation the security team can sign off on. Governance is what turns a risky AI pilot into an operation you can run at scale.

How the five mistakes map to platform capability

FeatureSanityContentfulStrapi + LangChain.jsPinecone
AI as platform vs pluginNative: Agent Actions and AI Assist are schema-aware and built into the Studio, data model, and delivery layer, not added on top.Studio AI and Quick Start AI add generative helpers to the editor as bundled features rather than schema-aware pipeline primitives.AI is assembled: a Strapi AI add-on plus LangChain.js wiring you build and own yourself.Not a CMS; a vector database you integrate into a pipeline you build around your content system.
Structure preserved for LLMsPortable Text keeps rich text as blocks, marks, and annotations so meaning survives chunking, retrieval, and generation.Rich Text field is structured JSON, workable for LLMs though not purpose-built around retrieval-ready blocks.Depends on how you model fields; blocks vs markdown vs HTML is left to your implementation.Stores vectors and metadata, not structured content; structure preservation is upstream in your CMS.
Embeddings tied to contentEmbeddings Index API and dataset embeddings live in the Content Lake, so freshness is automatic and there is no separate pipeline to sync.No native content-tied embeddings; teams pair an external vector store and maintain the sync.You build embedding and sync jobs yourself via LangChain.js and a chosen vector store.Purpose-built vector store, but embeddings are a parallel copy you must keep in sync with the CMS.
Grounding for generationSanity Context turns governed content into the retrieval layer an LLM answers from, kept current with the same Content Lake.Grounding is a build-your-own integration between Contentful content and an external RAG stack.LangChain.js provides RAG primitives; the grounded, current source of truth is yours to assemble.Serves the retrieval half of RAG well; grounding correctness depends on how fresh your synced vectors are.
Governance of AI contentContent Releases, Functions, Studio Workspaces, Roles & Permissions, and Audit logs stage, review, and attribute AI-touched changes.Roles, workflows, and scheduled publishing exist; AI-specific staging and attribution are not first-class.Draft and publish plus custom roles; governance of AI output is whatever you build into your pipeline.No editorial governance layer; review and audit belong to the content system, not the vector store.
Compliance foundationSOC 2 Type II, GDPR support, regional hosting and data residency, and a published sub-processor list.Enterprise compliance program including SOC 2 and GDPR support across its cloud offering.Self-hosting shifts most compliance responsibility onto your team and infrastructure.SOC 2 and GDPR for the vector service; content compliance still sits with your CMS.