Skills
skills/giuseppe-trisciuoglio/developer-kit-claude-code/nextjs-deployment/Gen Agent Trust Hub

nextjs-deployment

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the official installation script for the flyctl command-line tool from the well-known fly.io domain.
  • [EXTERNAL_DOWNLOADS]: References and utilizes official GitHub Actions and utilities from trusted organizations including actions, docker, aws-actions, google-github-actions, and vercel.
  • [PROMPT_INJECTION]: The skill provides patterns for processing environment variables and build arguments which constitute a surface for indirect prompt injection from external data sources or pipeline metadata.
  • Ingestion points: Environment variables (e.g., DATABASE_URL, API_KEY) and build-time arguments (GIT_HASH) defined in SKILL.md and referenced Docker configurations.
  • Boundary markers: No explicit delimiters or boundary markers are provided for the interpolated variables in the configuration examples.
  • Capability inventory: The skill leverages Bash for deployment automation and Write for configuration management.
  • Sanitization: Includes best-practice logic for validating the presence and requirements of environment variables at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 07:09 AM