fullstack-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill outlines a structured workflow using industry-standard tools like Next.js, Prisma, SWR, and Zod.
- Authentication & Authorization: It correctly emphasizes the use of middleware (withAuth, withEmailAccount) to protect API routes and server actions, ensuring operations are scoped to the authenticated user or account.
- Input Validation: It promotes the use of Zod schemas for strict validation of incoming data on both the client and server sides, effectively mitigating common injection vulnerabilities.
- Data Access: Database queries using Prisma are shown to be filtered by emailAccountId, which is a critical pattern for preventing cross-tenant data access in multi-tenant applications.
- Security Best Practices: The guidelines explicitly advise against using unauthenticated routes for mutations and encourage centralized error handling.