vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were identified. The skill is designed for engineering guidance and follows industry standards.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and blogs from trusted organizations like Vercel and Next.js, along with well-known open-source performance libraries. These include resources for
swr,lru-cache, andbetter-all. These links are provided neutrally for architectural context. - [PROMPT_INJECTION]: The skill identifies performance bottlenecks in user-provided code. Ingestion points: Components and routes read from the workspace via the Read tool. Boundary markers: Not present in the instructions. Capability inventory: Read, Write, and Edit tools are used for refactoring tasks. Sanitization: Not present. This represents an indirect prompt injection surface common to AI-assisted coding tools.
Audit Metadata