integration-nextjs-app-router
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates a strong security posture by explicitly instructing users to use environment variables for PostHog project tokens instead of hardcoding them, as documented in
SKILL.mdandEXAMPLE.md. - [EXTERNAL_DOWNLOADS]: The skill references official and well-known libraries, specifically
posthog-jsandposthog-node, which are standard for the intended integration and are sourced from the vendor's official package registries. - [COMMAND_EXECUTION]: The workflow includes standard project initialization and development commands (e.g.,
npm install,npm run dev) that are necessary for the skill's primary purpose and do not involve unauthorized privilege escalation or persistence. - [DATA_EXFILTRATION]: Network communication is exclusively directed toward official PostHog domains (such as
us.i.posthog.com) for analytics, session replay, and error tracking purposes, which is consistent with the skill's stated objective and does not constitute unauthorized data exfiltration.
Audit Metadata