vercel-react-best-practices
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill metadata (SKILL.md) identifies the author as 'vercel', which is inconsistent with the actual skill author 'akillness'. This discrepancy is a form of metadata poisoning that misleads users and agents regarding the authoritative source of the instructions.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and analyze untrusted user-provided source code for optimization tasks.
- Ingestion points: User source code files provided for review or refactoring.
- Boundary markers: The skill lacks explicit instructions or markers to delimit user-provided data from agent instructions, increasing the risk of the agent following directives embedded in code comments.
- Capability inventory: The skill allows the agent to generate and potentially overwrite code, which could be exploited if malicious instructions are processed.
- Sanitization: No sanitization or validation of the ingested code is described to prevent instruction override.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and official repositories from trusted organizations including React, Next.js, and Vercel. These external links are used to provide legitimate context and additional information for the guidelines.
Audit Metadata