web-frameworks
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and utility scripts for web development workflows. No malicious intent, prompt injection, or data exfiltration patterns were found.
- [COMMAND_EXECUTION]: The Python scripts
nextjs_init.pyandturborepo_migrate.pyperform file system operations (creating directories and files) to initialize projects. These scripts include proper input validation for project names and paths, and do not execute arbitrary commands or shell out to external processes in a dangerous manner. - [EXTERNAL_DOWNLOADS]: Documentation references standard, trusted sources such as Next.js (nextjs.org), Turborepo (turbo.build), and official package registries (npmjs.org). Usage of
npx create-next-appandnpx create-turboare standard practices for these frameworks. - [DATA_EXFILTRATION]: No network operations or credential harvesting patterns were found in the provided scripts. Data fetching examples in the documentation use placeholder domains (api.example.com) for instructional purposes.
Audit Metadata