NextJS
v1.1.0Build Next.js 15 apps with App Router, server components, caching, auth, and production patterns.
⭐ 4· 3k·26 current·26 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Next.js guidance) matches the provided SKILL.md and topic files (routing, caching, auth, deployment). There are no unrelated required binaries, environment variables, or install steps that don't belong to a Next.js helper.
Instruction Scope
The runtime instructions and setup explicitly tell the agent to save project and user preferences to ~/nextjs/memory.md and per-project files. That is consistent with a persistent helper that remembers conventions, but it does mean the agent will read/write files under the user's home directory. The docs otherwise stay within Next.js-related activities and do not instruct reading unrelated system files or exfiltrating data.
Install Mechanism
No install spec or code files to execute; this is instruction-only, so nothing is downloaded or installed by the skill itself.
Credentials
The skill declares zero required env vars or credentials. Some included example docs reference typical Next.js project secrets (DATABASE_URL, NEXTAUTH_SECRET, SENTRY_DSN, VERCEL_TOKEN) as implementation examples — appropriate for a Next.js guide and not requested by the skill itself.
Persistence & Privilege
always:false (no forced global inclusion). The skill instructs the agent to create and maintain a persistent memory directory ~/nextjs/ to store project conventions and learned patterns. This is expected for a helper that maintains state, but users should be aware of that persistent storage and its contents.
Assessment
This is an instruction-only Next.js guidance skill that appears to do what it says. Important things to consider before installing:
- Persistence: the skill will save memory and project metadata to ~/nextjs/ (memory.md and per-project .md files). If you keep private data in your home directory, review what the agent writes there and remove it if undesired.
- No credentials requested: the skill itself does not ask for API keys or environment variables. The documentation includes examples that reference common project secrets (DATABASE_URL, NEXTAUTH_SECRET, SENTRY_DSN, VERCEL_TOKEN) — those are examples for your Next.js projects and are not required by the skill.
- Proactive behavior: setup.md encourages saving preferences and being proactive. Decide whether you want the agent to act proactively (flagging issues) or only on request, and adjust the skill's memory or activation settings accordingly.
- Review created files: after enabling the skill, check ~/nextjs/ for stored memory files and project notes so you know what data the agent kept.
If you want to limit persistence, either decline the memory/storage step, delete ~/nextjs/ after sessions, or run the skill in a profile/environment where home-directory writes are acceptable.Like a lobster shell, security has layers — review code before you run it.
latestvk97ad33edkr39v0fwtxmx2wjjn81r87c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
⚡ Clawdis
OSLinux · macOS · Windows