sasatech-next-architecture
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security vulnerabilities were detected. The skill consists of technical documentation, architectural rules, and boilerplate code intended to help developers build secure and maintainable applications.
- [CREDENTIALS_UNSAFE] (SAFE): The skill handles sensitive environment variables (e.g., Supabase keys, Stripe secrets) correctly. It contains a specific high-impact rule ('server-no-public-env') that explicitly warns against exposing secrets in 'NEXT_PUBLIC_' variables and explains the associated risks. No actual credentials are hardcoded.
- [EXTERNAL_DOWNLOADS] (SAFE): All suggested dependencies are industry-standard libraries (Supabase, Zod, Stripe, Resend) and installation commands use standard package managers (npm).
- [COMMAND_EXECUTION] (SAFE): Command examples are restricted to standard development tasks such as project initialization and database migrations using the Supabase CLI.
- [DATA_EXFILTRATION] (SAFE): The architecture promotes 'least privilege' and 'server-only' isolation, ensuring that database connections and external API calls are handled safely on the server side.
Audit Metadata