nextjs-boilerplate
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill instructs the use of npx to bootstrap a project and initialize component libraries (create-next-app, shadcn, assistant-ui). These are well-established developer tools. Under [TRUST-SCOPE-RULE], downloads from Vercel (Next.js) are trusted, and the other tools are industry standards for the requested stack.\n- [DATA_EXFILTRATION] (SAFE): No credentials or sensitive file paths are accessed. The provided API route template for AI chat follows standard implementation patterns for local development.\n- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill creates a chat interface that processes user input, this is the primary intended purpose of the boilerplate. There are no malicious instructions embedded in the templates themselves.\n- [COMMAND_EXECUTION] (SAFE): Commands provided are strictly for project setup, dependency management, and development server operations (pnpm dev, pnpm build).
Audit Metadata