nextjs-server-navigation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill content is purely instructional and does not contain any attempts to override agent behavior or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): While the code snippets demonstrate access to headers and cookies for authentication and routing purposes, there is no evidence of hardcoded credentials or data exfiltration to external domains.
- Obfuscation (SAFE): The file is written in clear markdown with no hidden characters, encoding, or homoglyphs detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The code examples rely on standard, trusted libraries (
next/link,next/navigation). There are no commands to download or execute untrusted scripts from the internet. - Indirect Prompt Injection (LOW): The skill demonstrates processing external data (headers, cookies) which is a common pattern in Next.js development. While this represents a surface for indirect injection in a live application, the skill itself is an educational guide and does not contain exploitable instructions.
Audit Metadata