nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Standard Command Execution Patterns: The skill utilizes bash patterns for common Next.js tasks such as
next dev,next build, andnpx create-next-app. These are standard, well-documented commands for the framework and do not pose a security risk in this context. - Official Dependency Management: The skill provides instructions for upgrading core libraries like
next,react, andreact-domusing established package managers (npm, pnpm, bun). These operations target official registries and are part of standard maintenance workflows. - Proactive Security Guidance: A significant portion of the skill is dedicated to documenting critical security vulnerabilities (CVEs) and providing specific remediation steps, such as minimum safe versions. This demonstrates a strong security-first approach for developers.
- Automated Pattern Validation: The skill includes validation rules to identify and warn users about deprecated patterns (e.g.,
getServerSideProps) and potential client/server component mismatches, which assists in maintaining code quality and architectural integrity.
Audit Metadata