busirocket-nextjs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions targeting agent behavior override or safety bypass were detected.
- [DATA_EXPOSURE] (SAFE): The skill includes explicit rules for protecting server-side secrets and environment variables in the rules/nextjs-protecting-server-code.md file.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill manages untrusted data ingestion. Evidence: 1. Ingestion points: request.json() and route params in API handlers. 2. Boundary markers: Explicit 'validation boundaries' rules and schema requirements. 3. Capability inventory: Calls to service-layer functions. 4. Sanitization: Rules mandate Zod schema validation or guard helpers before any input processing.
- [COMMAND_EXECUTION] (SAFE): The patterns described are restricted to standard web framework logic and do not involve system command execution.
Audit Metadata