nextjs-blog-netlify
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill clones source code from 'https://github.com/netlify-templates/nextjs-blog-theme.git'. Because this organization is not on the trusted list, the integrity of the downloaded content cannot be guaranteed.
- COMMAND_EXECUTION (MEDIUM): The skill executes 'npm install' and 'npm run build' on the cloned repository. This allows the execution of arbitrary scripts defined in the external project's package.json, which is a common vector for supply chain attacks.
Audit Metadata