nextjs-architecture
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard shell utilities (
rg,find,test) to inspect the project directory. This is used solely to identify the Next.js version and router configuration (App Router vs. Pages Router) before applying relevant rules. - [COMMAND_EXECUTION]: A bundled Node.js script (
scripts/validate-nextjs-architecture-skill.mjs) is invoked to perform integrity checks on the skill's own file structure and content requirements. Analysis of the script confirms it only performs read-only file system operations to validate file existence and presence of required architectural keywords. - [SAFE]: The core logic of the skill is centered on security enforcement, specifically guarding against common Next.js vulnerabilities such as accidental exposure of server-side secrets in Client Components and unauthenticated access to Server Actions.
- [SAFE]: The instructions mandate the use of
server-onlymarkers and Data Access Layers (DAL) to prevent sensitive code from being bundled into client-side assets.
Audit Metadata