nextjs-app-router-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill demonstrates patterns for fetching data from external APIs and rendering it in a web application. This pattern creates a surface for Indirect Prompt Injection or XSS if not handled correctly. The author proactively mitigates this by including sanitization warnings.
  - Ingestion points: API fetch calls in app/posts/page.tsx and app/blog/[slug]/page.tsx.
  - Boundary markers: Absent in the generated code snippets, but the skill includes comments advising the developer to sanitize content.
  - Capability inventory: Code generation for full-stack React applications.
  - Sanitization: Proactively recommends DOMPurify in code comments and the 'Best Practices' section.
Audit Metadata