nextjs-secure-bff
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely educational, providing guidance on securing Next.js Backend-for-Frontend (BFF) architectures.
- [SAFE]: All external links point to official Next.js documentation (nextjs.org), which are recognized as well-known and trusted technology domains.
- [SAFE]: The skill addresses potential indirect prompt injection surfaces (such as Route Handlers and Server Actions) by providing robust validation examples using the Zod library and requiring re-authentication for all mutations.
- [SAFE]: No evidence of obfuscation, hardcoded credentials, malicious remote code execution, or persistence mechanisms was found in the instructions or example code.
Audit Metadata