Auth0 Nextjs
Security checks across malware telemetry and agentic risk
Overview
The skill appears to be a coherent Auth0 setup helper for Next.js, with some installation and environment-file risks that users should handle deliberately.
Install if you want an agent to help configure Auth0 for a Next.js project. Before use, review any curl-to-shell command, prefer official Auth0 installation instructions or a pinned installer when possible, and approve .env changes only after checking the target file and values.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.