security-nextjs
SKILL.md
Security audit patterns for Next.js applications covering environment variable exposure, Server Actions, middleware auth, API routes, and App Router security.
Environment Variable Exposure
The NEXT_PUBLIC_ Footgun
NEXT_PUBLIC_* → Bundled into client JavaScript → Visible to everyone
No prefix → Server-only → Safe for secrets
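One way to audit for this, as an added example that is not part of the original skill: a Node.js check that parses dotenv text and flags NEXT_PUBLIC_ variables whose names look like credentials. The name heuristics, the allowlist and the sample file contents are constructed assumptions.

```javascript
// Added example: flag secret-looking variables that carry the NEXT_PUBLIC_ prefix.
// The hint/allowlist patterns and the sample values are assumptions for illustration.
const PREFIX = 'NEXT_PUBLIC_';
// Name fragments that usually indicate a credential (assumed heuristic list).
const SECRET_HINTS = /(SECRET|PASSWORD|PASSWD|PRIVATE|TOKEN|CREDENTIAL|API_?KEY|DATABASE_URL)/i;
// Fragments that usually mark a value designed to be public (assumed allowlist).
const KNOWN_PUBLIC = /(PUBLISHABLE|SITE_KEY|PUBLIC_KEY)/i;

// Parse KEY=VALUE lines; skips blanks and comments, tolerates "export " and quotes.
function parseDotenv(text) {
  const vars = [];
  text.split(/\r?\n/).forEach((raw, i) => {
    const line = raw.trim();
    if (!line || line.startsWith('#')) return;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) return;
    vars.push({ name: m[1], value: m[2].replace(/^(['"])(.*)\1$/, '$2'), line: i + 1 });
  });
  return vars;
}

// Return every variable that will be bundled into client JavaScript yet is named
// like a secret. Empty values are flagged too: the name still shows the intent.
function auditEnv(text) {
  return parseDotenv(text)
    .filter(v => v.name.startsWith(PREFIX))
    .filter(v => {
      const bare = v.name.slice(PREFIX.length); // match on the name without the prefix
      return SECRET_HINTS.test(bare) && !KNOWN_PUBLIC.test(bare);
    })
    .map(v => ({ name: v.name, line: v.line }));
}

// Constructed sample .env content (placeholder values, not real credentials).
const SAMPLE_ENV = `
# server-only
DATABASE_URL="postgres://app:example@db.internal/app"
STRIPE_SECRET_KEY=sk_test_placeholder
# exposed to the browser
NEXT_PUBLIC_API_BASE=https://api.example.test
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_placeholder
NEXT_PUBLIC_STRIPE_SECRET_KEY=sk_test_placeholder
export NEXT_PUBLIC_DB_PASSWORD='placeholder'
NEXT_PUBLIC_ADMIN_TOKEN=
`;

for (const f of auditEnv(SAMPLE_ENV)) {
  console.log(`line ${f.line}: ${f.name} is bundled into client JavaScript`);
}
```

A finding means the value should be renamed without the prefix and read only in server code, and any value already shipped in a build should be rotated.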