chatkit-frontend

Enables developers to create customizable chat UIs using OpenAI ChatKit React components for enhanced user interaction.

67/100

Security score

The chatkit-frontend skill was audited on Feb 25, 2026 and we found 17 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 100

Template literal with variable interpolation in command context

Source: SKILL.md
100: url: `${process.env.NEXT_PUBLIC_API_URL}/chatkit`,
medium line 130

Template literal with variable interpolation in command context

Source: SKILL.md
130: url: `${process.env.NEXT_PUBLIC_API_URL}/chatkit`,
medium line 146

Template literal with variable interpolation in command context

Source: SKILL.md
146: greeting: `Hello${user?.name ? `, ${user.name}` : ''}! How can I help you today?`,
medium line 324

Template literal with variable interpolation in command context

Source: SKILL.md
324: router.push(`/chat?thread=${conversationId}`);
low line 100

Access to .env file

Source: SKILL.md
100: url: `${process.env.NEXT_PUBLIC_API_URL}/chatkit`,
low line 101

Access to .env file

Source: SKILL.md
101: domainKey: process.env.NEXT_PUBLIC_OPENAI_DOMAIN_KEY || 'local-dev',
low line 130

Access to .env file

Source: SKILL.md
130: url: `${process.env.NEXT_PUBLIC_API_URL}/chatkit`,
low line 131

Access to .env file

Source: SKILL.md
131: domainKey: process.env.NEXT_PUBLIC_OPENAI_DOMAIN_KEY || 'local-dev',
low line 335

Access to .env file

Source: SKILL.md
335: # Frontend (.env.local)
low line 12

External URL reference

Source: SKILL.md
12: - [OpenAI ChatKit Docs](https://platform.openai.com/docs/guides/chatkit)
low line 13

External URL reference

Source: SKILL.md
13: - [ChatKit.js Docs](https://openai.github.io/chatkit-js/)
low line 16

External URL reference

Source: SKILL.md
16: - [Domain Allowlist](https://platform.openai.com/settings/organization/security/domain-allowlist) - Required for production
low line 336

External URL reference

Source: SKILL.md
336: NEXT_PUBLIC_API_URL=http://localhost:8000
low line 339

External URL reference

Source: SKILL.md
339: # Get from: https://platform.openai.com/settings/organization/security/domain-allowlist
low line 345

External URL reference

Source: SKILL.md
345: 1. Deploy frontend to get production URL (e.g., `https://your-app.vercel.app`)
low line 346

External URL reference

Source: SKILL.md
346: 2. Go to: https://platform.openai.com/settings/organization/security/domain-allowlist
low line 439

External URL reference

Source: SKILL.md
439: allow_origins=["http://localhost:3000", "https://your-app.vercel.app"],
Scanned on Feb 25, 2026