next-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • Metadata Poisoning (MEDIUM): The documentation in file-conventions.md and SKILL.md contains deceptive information regarding a purported rename of middleware.ts to proxy.ts in 'Next.js 16'. As Next.js 16 is not a released version and no such rename has been announced for the App Router, following these instructions in current stable versions (v14/v15) would lead to a silent failure where the security middleware is no longer executed by the framework.
  • Command Execution (LOW): The skill encourages the use of npx @next/codemod, which is a trusted tool from Vercel used for automated migrations. While this involves remote code execution, it targets a reputable source.
  • Experimental Capabilities (LOW): debug-tricks.md describes an AI-assisted debugging endpoint (/_next/mcp) and a package (next-devtools-mcp). These appear to be based on experimental features or future-dated hallucinations. While not directly malicious, they instruct the agent to attempt local network requests to non-standard ports, which could be exploited if an attacker-controlled service is running on the local machine.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:00 PM