nextjs-app-router
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): The identity and instruction sections in
SKILL.mdare standard for establishing a professional expert persona. They do not contain instructions to bypass safety filters, reveal system prompts, or override core agent constraints. - [DATA_EXFILTRATION] (SAFE): There are no commands that access sensitive user data, environment variables, or hardcoded secrets. References to sensitive modules like
fsordatabase clientsinreferences/sharp_edges.mdare purely for the purpose of identifying anti-patterns in user code. - [REMOTE_CODE_EXECUTION] (SAFE): The skill consists entirely of Markdown files. No scripts (.sh, .js, .py), binaries, or remote download commands (
curl,wget) are present. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process untrusted user-provided Next.js code for review. While it does not define explicit boundary markers for this data, the skill possesses no 'write' or 'execute' capabilities, limiting the risk to purely informational/reasoning bias.
- [OBFUSCATION] (SAFE): All content is provided in human-readable Markdown. No Base64 encoding, zero-width characters, or homoglyphs were detected.
- [DYNAMIC_EXECUTION] (SAFE): There is no evidence of runtime code generation, unsafe deserialization (e.g., pickle), or process injection techniques.
Audit Metadata