nextjs-core
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational templates and documentation for building web applications. It promotes secure coding practices, including server-side authorization checks and robust input validation.
- [CREDENTIALS_UNSAFE]: The code snippets demonstrate the correct use of environment variables (e.g.,
GITHUB_SECRET,DATABASE_URL,REVALIDATION_SECRET) to manage sensitive information, avoiding hardcoded secrets. - [COMMAND_EXECUTION]: Includes standard documentation for installing well-known, legitimate development dependencies such as
next-auth,zod, andnext-safe-actionvia npm. - [DATA_EXFILTRATION]: Network operations shown in the references (e.g.,
fetchcalls, S3 uploads) are standard for web application functionality and are properly scoped to user-defined environment variables or placeholder domains.
Audit Metadata