next-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The
references/upgrade.mdfile defines a multi-step workflow for the agent to fetch external documentation and execute maintenance commands, which constitutes an indirect prompt injection surface. - Ingestion points: The agent is directed to read
package.jsonfor version detection and fetch external migration documentation fromnextjs.org. - Boundary markers: No explicit instructions are provided to the agent to delimit or ignore potential instructions embedded within the fetched documentation content.
- Capability inventory: The skill encourages the execution of
npxcodemods and describes interaction with a Model Context Protocol (MCP) server for tool-based debugging. - Sanitization: There is no mention of sanitizing or validating the content of the external documentation before it influences the agent's actions.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for fetching documentation and configuration guidelines from official Next.js and Vercel-managed domains.
- [REMOTE_CODE_EXECUTION]: Guidance is provided for running
npx @next/codemod@latest, which downloads and executes remote scripts from the official Next.js registry. - [COMMAND_EXECUTION]: Contains numerous examples of CLI commands for development and deployment, including
npm install,docker build, andpm2management.
Audit Metadata