nextjs-cache-architecture

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a structured approach to Next.js caching, using templates and documentation to guide the user in a secure manner, specifically emphasizing the separation of dynamic request APIs (cookies, headers) from cached data-fetching logic.
  • [COMMAND_EXECUTION]: The skill includes a Node.js utility script (scripts/audit.mjs) designed for local execution by the developer. This script performs static analysis of the project's source code using regular expressions to ensure compliance with the recommended architecture. It does not perform network operations, access sensitive system files, or execute remote code.
  • [PROMPT_INJECTION]: No attempts to override system prompts or bypass safety guidelines were found. The use of the $ARGUMENTS placeholder is a standard platform convention for processing user input.
  • [DATA_EXFILTRATION]: No patterns indicative of data exfiltration or unauthorized sensitive file access were detected. Network operations in the provided code templates are restricted to standard internal API fetches defined by the user.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes user domain descriptions to generate code (creating a potential attack surface for indirect injection), this is the primary intended function of the skill and no exploitable capability chains were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 09:52 AM
Security Audit — agent-trust-hub — nextjs-cache-architecture