web-frameworks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): The provided markdown documentation and configuration files were thoroughly inspected for threat patterns including prompt injection, data exfiltration, and obfuscation. No such patterns were found. The skill promotes secure practices, such as using GitHub secrets for authentication tokens.
- NO_CODE (SAFE): The SKILL.md documentation mentions Python utility scripts for project initialization and migration (e.g., nextjs-init.py), but these scripts are not present in the file list. The absence of these scripts means no executable logic is introduced by this skill beyond standard bootstrap commands.
- COMMAND_EXECUTION (SAFE): The shell command examples provided in the documentation (npx, npm, pnpm) are standard industry practices for bootstrapping projects using official framework tools and do not involve untrusted third-party sources or dangerous execution methods.
Audit Metadata