next-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is entirely composed of markdown documentation and code examples for Next.js development. It provides guidance on architectural patterns, file conventions, and optimization techniques.
- [EXTERNAL_DOWNLOADS] (LOW): The documentation references standard, well-known Node.js packages and tools (e.g., sharp, bcrypt, ioredis, @next/codemod) used in the Next.js ecosystem. These are provided as solutions for common development tasks and use legitimate registries.
- [COMMAND_EXECUTION] (LOW): Examples include standard developer commands such as
npxfor code migrations andcurlfor interacting with the local Next.js dev server. These are contextually appropriate for developer tools and do not involve piped execution from untrusted remote sources. - [DATA_EXFILTRATION] (SAFE): No logic for sending sensitive data to external domains was found. The skill correctly identifies that secrets should stay on the server and provides examples of using environment variables securely.
Audit Metadata