nextjs-senior-dev
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill acts as an educational and architectural guide, emphasizing security-first development. It includes a '7-Step Server Action Security' pattern that explicitly instructs the agent to implement rate limiting, authentication, Zod validation, and authorization checks (IDOR prevention) in developer code.
- [COMMAND_EXECUTION]: The skill provides a local Python script,
scripts/scaffold_route.py, designed to automate the creation of Next.js App Router folders and boilerplate files. This script generates files from static templates and does not perform network operations or execute untrusted remote code. - [EXTERNAL_DOWNLOADS]: Documentation and templates reference the installation and use of well-known, industry-standard packages and services from official registries (NPM/PyPI), including Prisma, Drizzle ORM, Auth.js (NextAuth), Upstash, and Sentry.
Audit Metadata