next-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface in debug-tricks.md.
      1. Ingestion points: debug-tricks.md.
      2. Boundary markers: Absent.
      3. Capability inventory: The skill instructs the agent to make POST requests to a local /_next/mcp endpoint to execute debugging tools.
      4. Sanitization: Absent.
  • [DATA_EXFILTRATION] (LOW): Potential data exposure via the documented tools get_project_metadata and get_logs, which allow the agent to retrieve local filesystem paths and log contents.
  • [EXTERNAL_DOWNLOADS] (SAFE): Recommendations for using official packages like @next/codemod and @next/third-parties involve trusted organizations (Vercel/Google).
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 10:22 PM