next-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): The skill consists entirely of markdown documentation providing technical guidance. All code snippets are illustrative examples for developers and do not contain executable malicious logic.
- EXTERNAL_DOWNLOADS (INFO): The documentation references standard npm packages and official Next.js tooling (e.g.,
@next/codemod,@next/third-parties). These are from trusted sources and are typical for the described development context. - COMMAND_EXECUTION (INFO): Provides standard shell snippets for developer workflows, such as Docker commands and Next.js CLI operations (e.g.,
next build). No arbitrary or dangerous command execution was found. - DATA_EXFILTRATION (INFO): Placeholder environment variables (e.g.,
DATABASE_URL,API_SECRET) are used in documentation to demonstrate configuration best practices and do not represent hardcoded secrets.
Audit Metadata