The Agent Skills Directory

[DATA_EXPOSURE]: The skill explicitly instructs users to avoid hardcoding secrets. It mandates the use of environment variables (e.g., NEXT_PUBLIC_POSTHOG_PROJECT_TOKEN) for configuration, which aligns with security best practices for credential management.
[EXTERNAL_DOWNLOADS]: The skill references official PostHog libraries such as posthog-js and posthog-node. These are standard, well-known packages from the vendor. It also mentions a wizard tool @posthog/wizard, which is an official utility for the integration.
[PROMPT_INJECTION]: The skill instructions do not contain any patterns typical of direct prompt injection or attempts to bypass AI safety filters. It uses standard instructional language to guide the integration process.
[COMMAND_EXECUTION]: The documentation includes standard development commands like npm install and npm run dev. These are expected for the described workflow and do not involve suspicious shell operations or unauthorized privilege escalation.
[SAFE]: The skill processes project source code to identify event tracking opportunities. This is a core functional requirement of the analytics integration and does not involve exfiltration of sensitive data to unauthorized third parties.

integration-nextjs-pages-router