nextjs-data-provider
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides technical guidelines and architectural patterns for Next.js development without any malicious instructions or executable scripts.
- [CREDENTIALS_UNSAFE]: The conventions explicitly define secure authentication management, requiring access tokens to be stored in memory and refresh tokens in httpOnly cookies. It specifically forbids the use of localStorage for tokens to prevent XSS-based theft.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known libraries such as TanStack Query, Zustand, and Axios. These are legitimate tools for the tech stack described and do not pose a security risk in this context.
- [PROMPT_INJECTION]: No behavioral overrides or safety bypass attempts were found in the instructional content.
Audit Metadata