next-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of instructional markdown files aimed at guiding an AI agent in writing and reviewing Next.js code. It does not contain executable code, scripts, or malicious prompt instructions.
- [EXTERNAL_DOWNLOADS]: The documentation references official tools and libraries such as
@next/codemodfor API migrations and@next/third-partiesfor analytics integration. These are well-known packages from the framework maintainers. - [COMMAND_EXECUTION]: The skill provides standard development and deployment commands, including
next build,npm ci, andnpx @next/codemod. These are routine operations for Next.js developers and do not involve untrusted remote execution. - [DATA_EXFILTRATION]: Deployment templates for self-hosting (Docker and Redis/S3 cache handlers) correctly demonstrate the use of environment variables like
REDIS_URLandAWS_REGION. These are standard placeholders for infrastructure configuration and do not involve credential exposure or exfiltration to unknown domains.
Audit Metadata