next-upgrade
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Official Resource Retrieval: The skill fetches upgrade documentation from official domains such as nextjs.org. This ensures that the migration steps followed by the agent are based on authoritative guidance provided by the framework maintainers.
- Package Management Operations: The skill utilizes npm and npx to update dependencies and apply automated code transformations (codemods). These operations target official packages like @next/codemod, which is a common and recommended practice for modernizing JavaScript projects.
- Project Metadata Analysis: The agent reads the package.json file to determine current dependency versions. This localized read operation is essential for calculating the correct upgrade path and does not involve accessing sensitive system credentials or files.
Audit Metadata