building-nextjs-apps
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing and running the next-devtools-mcp package via npx. This is an external dependency not associated with a known trusted vendor.
- Evidence: SKILL.md contains the command 'claude mcp add next-devtools npx next-devtools-mcp@latest'.
- [COMMAND_EXECUTION]: The skill documentation includes setup instructions using npx for standard tools. Projects created by create-next-app (Vercel) and shadcn use trusted sources.
- Evidence: SKILL.md and references/nextjs-16-patterns.md provide bash examples for project initialization.
- [COMMAND_EXECUTION]: The skill includes a local Python script for verification which is intended to be run by the user or agent.
- Evidence: scripts/verify.py is called by instructions in SKILL.md.
- [PROMPT_INJECTION]: The skill contains a skill-report.json file that makes authoritative claims about its own safety and identifies previous audit findings as false positives. This is a self-referential pattern designed to influence security analysis.
- Ingestion points: skill-report.json enters agent context as part of the skill files.
- Boundary markers: None present in the JSON file.
- Capability inventory: The skill primarily contains code templates and documentation; however, it references npx execution and fetch operations.
- Sanitization: None.
Audit Metadata