ask-next
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- Documentation Retrieval via API: The skill fetches data from an external API endpoint hosted on a labs.vercel.dev subdomain. This is a standard functional requirement for providing real-time documentation and targets a service associated with the framework maintainers.
- Secure Argument Handling: The use of jq to construct the JSON payload for the curl request is a recommended practice. It ensures that user-provided arguments are properly escaped before being passed to the shell, minimizing injection risks.
- Data Processing Considerations: The skill processes external content from the API to present a summary. While fetching external data can theoretically expose an agent to indirect prompt injection, the risk is significantly mitigated here by the use of a trusted, vendor-managed documentation source.
Audit Metadata