nextjs

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
  • Metadata Poisoning (MEDIUM): The skill uses deceptive naming ('Next.js 16') and claims to be 'maintained by the Next.js Community' for a future release date (January 2026). Evidence: 'references/route-proxy-ts.md' incorrectly states 'middleware.ts' is deprecated and should be replaced by 'proxy.ts'; following this advice would result in a security bypass in current Next.js environments.
  • Indirect Prompt Injection (LOW): The skill suggests patterns for ingesting untrusted data via 'fetch' and interpolating it directly into the application UI and metadata. Ingestion points: 'references/cache-fetch-options.md', 'references/server-avoid-client-fetching.md', 'references/meta-generate-metadata.md'. Boundary markers: Absent in all examples. Capability inventory: 'fetch', 'revalidatePath', 'revalidateTag'. Sanitization: No sanitization or validation logic is present in the provided templates.
  • No Executable Code (SAFE): The skill consists entirely of Markdown documentation and contains no scripts, binaries, or automated installation routines.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:34 PM