nextjs-agent-team

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No signs of prompt injection, obfuscation, or data exfiltration attempts were detected. The skill follows established safety guidelines and provides legitimate developer workflows.
  • [COMMAND_EXECUTION]: The skill mentions standard development commands such as npm install, npm run db:migrate, and npm run dev. These are expected within the context of a Next.js development tool and are used appropriately.
  • [CREDENTIALS_UNSAFE]: The instructions correctly advise users to store sensitive configuration like database credentials in a .env file, which is a standard and safe practice for secret management.
  • [EXTERNAL_DOWNLOADS]: The skill references established tools and libraries within the Next.js ecosystem, such as next-devtools-mcp, next-auth, clerk, and zod. No downloads from untrusted or suspicious sources were identified.
  • [PROMPT_INJECTION]: The activation protocols and agent workflows are designed to fulfill user requests within a structured framework. There are no attempts to bypass safety filters or override the underlying agent's core safety instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 06:40 AM
Security Audit — agent-trust-hub — nextjs-agent-team