better-chatbot-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious code, prompt injections, or unauthorized network operations were identified. The skill focuses on providing reusable implementation patterns for Next.js applications.
- Unverifiable Dependencies (SAFE): The listed dependencies (zod, zustand, ai, etc.) are standard, well-maintained libraries in the JavaScript/TypeScript ecosystem. No suspicious or unversioned external scripts are executed.
- Indirect Prompt Injection (SAFE): The skill provides patterns for ingesting untrusted data (FormData) but mitigates the risk by enforcing structured validation using Zod.
  - Ingestion points: Server actions via `formData` in `action-utils.ts`.
  - Boundary markers: Implied by the use of structured Zod schemas to separate raw input from application logic.
  - Capability inventory: Database operations (`db.update`) are mentioned as potential downstream actions.
  - Sanitization: Explicitly uses `zod` for input validation and `superRefine` for complex validation rules.
Audit Metadata