web-frameworks
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides instructions for standard development tasks such as
npx create-next-app,npm install, and running local Python utilities (nextjs-init.py,turborepo-migrate.py). These commands are typical for project scaffolding and monorepo management. - [EXTERNAL_DOWNLOADS] (SAFE): The instructions reference downloading well-known, trusted packages from the npm registry (Next.js, Turborepo, RemixIcon). No unauthorized or suspicious remote sources were identified.
- [CREDENTIALS_UNSAFE] (SAFE): Examples demonstrate the use of environment variables and CI/CD secrets (e.g.,
${{ secrets.TURBO_TOKEN }}) following security best practices. No hardcoded API keys, tokens, or credentials are present. - [DATA_EXFILTRATION] (SAFE): Code snippets include network requests (e.g.,
fetchtoapi.example.com) that are clearly marked as placeholders for documentation purposes. No evidence of unauthorized data transmission was found. - [PROMPT_INJECTION] (SAFE): The documentation contains instructional text and code comments that do not attempt to override agent behavior or bypass safety filters.
Audit Metadata