next-devtools-guide
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface where external data is ingested into the agent context.
  - Ingestion points: External data is gathered via nextjs_docs (documentation), browser_eval (web content), and nextjs_call (server logs).
  - Boundary markers: There are no explicit instructions or delimiters used to separate untrusted external content from agent instructions.
  - Capability inventory: The skill can execute tools on the local development server, perform browser automation via Playwright, and run migration codemods.
  - Sanitization: No sanitization or validation of external content is specified before processing.
Audit Metadata