next-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references trusted ecosystem tools such as @next/codemod, create-sst, and @opennextjs/aws for migration and deployment tasks.
  • [COMMAND_EXECUTION] (LOW): Includes standard development commands like next build, npm run build, and npx codemods. These are expected for the skill's primary purpose.
  • [PROMPT_INJECTION] (LOW): The debug-tricks.md file defines an attack surface for indirect prompt injection (Category 8c) by instructing the agent to consume output from local development tools (MCP endpoint).
      • Ingestion points: Tool outputs from get_errors, get_logs, and get_page_metadata in debug-tricks.md.
      • Boundary markers: No specific boundary markers or 'ignore' instructions are provided for handling tool outputs.
      • Capability inventory: The agent is instructed to use these tools to read local file paths, project metadata, and development logs.
      • Sanitization: No sanitization or validation of the tool-provided data is suggested before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 04:23 PM