nextjs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of Markdown documentation and templates. No executable files (.py, .js, .sh) or configuration files that trigger code execution are present.
- [DATA_EXPOSURE] (SAFE): No hardcoded credentials, API keys, or attempts to access sensitive system paths (e.g., ~/.ssh) were found. The templates provide standard boilerplate for Next.js configuration without exposing user data.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns involving package managers (npm, pip) or remote script fetching (curl|bash). The skill does not facilitate the execution of external code.
- [PROMPT_INJECTION] (SAFE): The instructions are strictly limited to defining the skill's scope and providing a mapping to official documentation. There are no attempts to override system prompts, bypass safety filters, or use adversarial role-play.
- [EXTERNAL_DOWNLOADS] (SAFE): While the skill contains many links to official documentation (nextjs.org), these are informational references only and are not used as sources for dynamic code execution or automated downloads.
Audit Metadata