busirocket-nextjs-route-handlers
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No patterns found that attempt to override system instructions, bypass safety filters, or extract system prompts. Instruction set is purely technical and architectural.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths, hardcoded credentials, or network operations detected. The skill advocates for standard JSON response shapes and proper status codes.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not define any Python or Node.js dependencies, nor does it perform any remote script downloads or runtime code execution.
- [Indirect Prompt Injection] (SAFE): The skill identifies a potential attack surface (request inputs) but mitigates it by making 'Never return unvalidated request input' a non-negotiable rule. It does not process untrusted data itself.
- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs were detected in the documentation.
- [No Code] (INFO): The skill is entirely documentation-based, providing patterns and rules for the agent to follow during code generation rather than providing scripts to execute.
Audit Metadata