openapi-swagger-nestjs
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@nestjs/swaggervia npm. This is the official and well-known documentation package for the NestJS framework. - [COMMAND_EXECUTION]: Provides a script (
generate-openapi.ts) that programmatically creates the NestJS application context to generate an OpenAPI JSON file and write it to the local filesystem usingfs.writeFileSync. This is a standard procedure for generating API contracts during build or CI/CD phases. - [DATA_EXPOSURE]: The skill explicitly promotes the use of
@ApiHideProperty()to ensure sensitive internal fields (such as user IDs or privacy-sensitive data) are not exposed in the generated Swagger UI or OpenAPI documentation. It also provides examples of using theValidationPipewithwhitelist: trueto prevent mass-assignment vulnerabilities.
Audit Metadata