Skills
skills/mblode/agent-skills/scaffold-nextjs/Gen Agent Trust Hub

scaffold-nextjs

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands for project initialization, file management, and deployment using standard tools like npm, npx, git, gh, and vercel.
  • [EXTERNAL_DOWNLOADS]: The skill fetches several packages from the npm registry, including agentation, ultracite, turbo, and @next/third-parties to build the application environment.
  • [EXTERNAL_DOWNLOADS]: It references an external UI component registry at ui.blode.co to download specialized component configurations during the UI setup phase.
  • [REMOTE_CODE_EXECUTION]: The workflow utilizes npx to execute initialization scripts for create-next-app, shadcn, ultracite, and the Vercel CLI, which involves fetching and executing code from remote sources at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 02:15 AM