developing-nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download various development tools and packages from official registries (npm, pnpm) and well-known service providers (mise, Playwright).
- [COMMAND_EXECUTION]: Includes a variety of shell commands for local project setup, building, and deployment to Google Cloud Run using standard CLI tools like docker, gcloud, and pnpm.
- [REMOTE_CODE_EXECUTION]: Employs standard package runners (npx, pnpm dlx) to fetch and execute project initialization scripts from official registries for Next.js, Prisma, and MSW.
- [DATA_EXFILTRATION]: No evidence of data exfiltration was detected. The skill provides clear guidance on managing environment variables and ensuring that sensitive secrets remain on the server side.
- [PROMPT_INJECTION]: The instructions do not contain any patterns indicative of prompt injection, safety guideline bypasses, or attempts to override agent behavior.
Audit Metadata