nextjs-expert
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities or malicious patterns were identified. All code samples and instructions follow standard Next.js 14+ development and deployment guidelines.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it provides code templates for handling untrusted user input via web forms and dynamic URL segments.
- Ingestion points:
agents/data/server-actions.mdandagents/app-router/routing.md(FormData and slug parameters). - Boundary markers: Absent in the static code templates; implementation depends on developer integration.
- Capability inventory: Generates implementation code for network fetching (fetch API) and deployment configurations (Dockerfiles and CI/CD pipelines).
- Sanitization: The skill correctly recommends and provides examples for data validation using the Zod library.
Audit Metadata