AgentSkillsCN

Next.js Config Sanity

审查 Next.js 配置,关注不安全的 HTTP 头部、缓存陷阱,以及构建过程中的回归问题。

SKILL.md
--- frontmatter
name: Next.js Config Sanity
description: Review Next.js config for unsafe headers, caching pitfalls, and build regressions
owner: Undangan team
last_updated: 2026-01-24

Next.js Config Sanity Skill

Purpose

Reduce security and deployment risks caused by unsafe next.config.ts changes.

When to Use

  • next.config.ts changes
  • Unexpected build or deploy regressions
  • Security review

Inputs

  • next.config.ts
  • Hosting environment constraints (if known)

Outputs

  • Review notes under .agent/artifacts/{conversation-id}/nextjs_config_sanity.md
  • Minimal config fixes (if needed)

Prerequisites

  • Ability to run a local build

Tools & Availability

  • Local shell + npm run build
  • If build unavailable, document why

Methodology

  1. Review headers, redirects, rewrites, and images config.
  2. Check for unsafe headers (overly permissive Access-Control-Allow-*).
  3. Validate caching headers for sensitive pages.
  4. Confirm experimental flags are intentional and documented.

Verification

  • Config changes documented with rationale
  • npm run build completes (or failure documented)
  • Headers/caching settings reviewed for security impact

Pass/Fail: Pass only if all checks above are satisfied.

Risks & Mitigations

  • Misconfigured headers → review against expected security posture
  • Hidden regressions → keep minimal diffs and rebuild locally