Audit History
frontend-api-client-with-jwt - 6 audits
Audit version 6
Latest Medium RiskJun 28, 2026, 03:53 AM
The static findings are documentation terms in SKILL.md, not executable code, command execution, scanning, or exfiltration behavior. One semantic concern remains: the skill lists localStorage as a JWT storage option without enough warning about XSS exposure, so publication should include a security warning.
Medium Risk Issues (1)
Low Risk Issues (2)
Audit version 5
SafeJan 16, 2026, 03:45 PM
This skill contains only documentation describing JWT API client patterns for Next.js. No executable code, scripts, or network capabilities are present. Purely a conceptual guide for developers. All static findings are false positives from keyword detection in documentation - there is no code to execute, no network requests to make, and no credentials to exfiltrate.
Audit version 4
SafeJan 16, 2026, 03:45 PM
This skill contains only documentation describing JWT API client patterns for Next.js. No executable code, scripts, or network capabilities are present. Purely a conceptual guide for developers. All static findings are false positives from keyword detection in documentation - there is no code to execute, no network requests to make, and no credentials to exfiltrate.
Audit version 3
SafeJan 10, 2026, 09:50 AM
This skill contains only documentation describing JWT API client patterns for Next.js. No executable code, scripts, or network capabilities are present. Purely a conceptual guide for developers.
Audit version 2
SafeJan 10, 2026, 09:50 AM
This skill contains only documentation describing JWT API client patterns for Next.js. No executable code, scripts, or network capabilities are present. Purely a conceptual guide for developers.
Audit version 1
SafeJan 10, 2026, 09:50 AM
This skill contains only documentation describing JWT API client patterns for Next.js. No executable code, scripts, or network capabilities are present. Purely a conceptual guide for developers.