next-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown documentation and reference code snippets. There are no executable scripts, installers, or binary files included.
- [SAFE]: All external tools referenced, such as
@next/codemodand@next/third-parties, are official packages from the Next.js ecosystem. The use of well-known libraries likeioredisand@aws-sdk/client-s3for self-hosting examples follows industry standards. - [SAFE]: Code examples correctly handle sensitive information by referencing environment variables (e.g.,
process.env.REDIS_URL,process.env.AWS_REGION) rather than using hardcoded credentials. - [SAFE]: The debugging tools mentioned, such as the
/_next/mcpendpoint, are intended for local development environments and operate onlocalhost, presenting no inherent risk of remote data exfiltration in the described usage.
Audit Metadata