next-safe-action Advanced Features

Name: skills/safe-action-advanced
Author: next-safe-action

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

40Medium

The skill misrepresents its capabilities by lacking detailed explanations for

ThreatsCI SM CS BC S HITL

Behavior Analysis

Mismatch detected — The skill's description and overview table claim to cover 'bind arguments', 'metadata schemas', 'framework errors', and 'type inference utilities', but the provided content only details 'Server-Level Action Callbacks' and 'throwServerError'. The other features are merely listed without explanation or examples.

Claims to do

next-safe-action Advanced Features: | Feature | Use Case | |---|---| | [Bind arguments](./bind-arguments.md) | Pass extra args to actions via `.bind()` (e.g., resource IDs) | | [Metadata](./metadata.md) | Attach typed metadata to actions for use in middleware | | [Framework errors](./framework-errors.md) | Handle redirect, notFound, forbidden, unauthorized in actions | | [Type utilities](./type-utilities.md) | Infer types from action functions and middleware |

Actually does

This skill describes advanced usage of `next-safe-action` focusing on server-side callbacks (`onSuccess`, `onError`, `onSettled`, `onNavigation`) within action definitions. It demonstrates interacting with a database (e.g., `db.post.create`), invalidating caches, logging errors, and recording metrics. It also covers an option to re-throw server errors.

Threat Analysis

AI Agent Traps ↗Scanned 5/5/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoning1 finding

Cognitive StateMemory & Learningclean

Behavioural ControlActionclean

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namenext-safe-action/skills/safe-action-advanced

Registrygithub

Versionfc3237591fd3

PURLpkg:github/next-safe-action/skills@fc3237591fd3?skill=safe-action-advanced

Installs444

Source

Repository ↗SKILL.md ↗

SHA-2563f78ccbe252f...

SHA-189e9d499496f...

MD50f47fbd18043...

TLSHbc4131473436...

Size2,216 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/next-safe-action/skills

444 installs

Skills.shDocs

npx skills add https://github.com/next-safe-action/skills

Assessments (1)

AI Agent Traps ↗

Description Mismatchmediumdescription mismatch

The skill's description and overview table claim to cover 'bind arguments', 'metadata schemas', 'framework errors', and 'type inference utilities', but the provided content only details 'Server-Level Action Callbacks' and 'throwServerError'. The other features are merely listed without explanation or examples.

85% confidenceline 3

Description: 'Use when working with bind arguments, metadata schemas, framework errors... type inference utilities...'. Content only provides details for 'Server-Level Action Callbacks' and 'throwServerError'.

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/next-safe-action/skills/safe-action-advanced.svg)](https://mondoo.com/ai-agent-security/skills/github/next-safe-action/skills/safe-action-advanced)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/next-safe-action/skills/safe-action-advanced"><img src="https://mondoo.com/ai-agent-security/api/badge/github/next-safe-action/skills/safe-action-advanced.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/next-safe-action/skills/safe-action-advanced.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow