Next Upgrade
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is aligned with upgrading Next.js, but it will run npm/npx upgrade commands that can modify your project, so review changes carefully.
This appears appropriate for its stated purpose. Before using it, make sure your project is committed or backed up, run the upgrade on a branch, review all codemod and dependency changes, and test the app before deploying.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may change application code, package.json, and lockfiles, and could introduce breaking changes if applied without review.
These commands can rewrite project source files and change dependency manifests. That is expected for a Next.js upgrade, but it is still a material local mutation.
Run codemods first... `npx @next/codemod@latest <transform> <path>` ... `npm install next@latest react@latest react-dom@latest`
Run it on a version-controlled branch, review the diff after codemods and installs, and confirm build/test results before merging.
The exact package versions and codemod code may vary over time, which can affect reproducibility and trust in the upgrade process.
The instructions use npm packages with the `@latest` tag, which means code and dependencies are fetched at use time rather than pinned. This is common for upgrades, but users should notice the supply-chain dependency.
`npx @next/codemod@latest <transform> <path>` and `npm install next@latest react@latest react-dom@latest`
Prefer official Next.js packages and documentation, consider pinning target versions when reproducibility matters, and inspect package changes before accepting them.