nextjs
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions targeting agent behavior or safety filters were found. The skill provides standard operational guidance.\n- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths or network transmission commands are present. The referenced domain (nextjs.org) is for documentation purposes.\n- [Unverifiable Dependencies & RCE] (SAFE): No external packages, remote scripts, or dynamic code execution patterns are used.\n- [Indirect Prompt Injection] (LOW): The skill instructs the agent to read internal documentation files (examples/). While these files provide external context, the skill lacks the write or execute capabilities required to pose a significant threat.
Audit Metadata