security-nextjs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill includes a bash script (scripts/scan.sh) and example grep/ripgrep commands. These tools are used for their intended purpose of auditing local code and configuration files for security patterns.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to ingest and analyze untrusted local code files which could theoretically contain instructions targeting the agent. 1. Ingestion points: The scan script and grep commands read source code files from the target directory. 2. Boundary markers: No explicit delimiters are used in the auditing instructions. 3. Capability inventory: Uses grep, find, and ripgrep to report findings. 4. Sanitization: File contents are pattern-matched for analysis but are not executed as code.
- [DATA_EXPOSURE] (SAFE): While the skill searches for hardcoded secrets, it does so to alert the user of exposure on the local machine; it contains no mechanisms for data exfiltration.
Audit Metadata