nextjs
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a collection of reference materials for Next.js 16 development, focusing on architectural patterns and security best practices.
- [SAFE]: Security-centric instructions include mandatory Content Security Policy (CSP) implementation with nonces, CSRF protection for Server Actions, and XSS prevention using DOMPurify and logical property styling.
- [SAFE]: Authentication references follow the Backend-For-Frontend (BFF) pattern, using encrypted httpOnly cookies via the jose library, which is a recommended practice for the stack described.
- [SAFE]: The skill provides guidance on environment variable management, emphasizing that secrets should never use the NEXT_PUBLIC_ prefix and should be handled in server-only modules.
- [SAFE]: No malicious prompt injections, data exfiltration vectors, or obfuscated payloads were found in the instructions or reference snippets.
Audit Metadata