nestjs
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill enforces robust security practices for NestJS development, emphasizing architectural constraints that minimize common vulnerabilities.
- [SAFE]: Configuration management is handled via the `@nestjs/config` module with schema validation (Zod), explicitly advising against direct `process.env` access and hardcoded secrets.
- [SAFE]: Input validation is mandated at the controller boundary using Data Transfer Objects (DTOs) with `class-validator` and the global `ValidationPipe` to ensure data integrity.
- [SAFE]: The provided Docker configurations utilize multi-stage builds and implement a non-root user ('app') for the production stage, adhering to the principle of least privilege.
- [SAFE]: Database patterns (TypeORM/Prisma) focus on type-safe operations and parameterization, with specific guardrails against high-risk operations like `synchronize: true` in production environments.
- [SAFE]: Logging guidelines recommend structured logging via `nestjs-pino` and explicitly prohibit the logging of Personally Identifiable Information (PII).
Audit Metadata