building-nextjs-apps
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs users to install `next-devtools-mcp@latest` via `npx`. This package is not published by a trusted organization (e.g., Vercel, Microsoft) and its execution via `npx` poses a risk of running arbitrary code from an unvetted source.
- [COMMAND_EXECUTION] (MEDIUM): The verification section requires running `python3 scripts/verify.py`. This script is part of the skill's distribution but its source code is not provided for analysis, creating a risk for hidden malicious logic being executed on the host system.
- [REMOTE_CODE_EXECUTION] (MEDIUM): The `next-devtools-mcp` tool exposes a `browser_eval` capability using Playwright. This allows for automated browser execution which, if misconfigured or targeted by a malicious payload, could be used for unauthorized data access or session exfiltration.
- [METADATA_POISONING] (MEDIUM): The skill claims to support 'Next.js 16', which is a non-existent version of the framework. This deceptive metadata may lead users to lower their defenses and trust unverified automation tools like `upgrade_nextjs_16` mentioned in the MCP section.
Audit Metadata