vercel-react-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): Sig nif ic ant ri sk o f i nd ire ct pro mpt inj ect ion . 1 . I ng est ion poi nt : U ntr ust ed R eac t/N ex t.j s s ou rce cod e a n d P R d esc rip tio ns (SK ILL .m d). 2. Bou nda ry mar ker s: Abs ent ; t h e s kil l d oe s n o t d ef in e d eli mit ers for us e r d ata . 3. Cap abi lit y i nv ent ory : Re fac tor ing and cod e g en era tio n i nvo lve fil e- wr it e o per ati ons (SK ILL .m d). 4. San iti zat ion : A bse nt; the ski l l d oe s n o t i nst ruc t t h e a ge nt to ign ore or fil ter ins tru cti ons emb edd ed in cod e. Ma lic iou sly cra fte d c od e c oul d o ver rid e t hes e o pti mi zat ion gui del ine s o r t rig ger uni nte nd ed fil e m od ifi cat ion s.
- [EXTERNAL_DOWNLOADS] (LOW): Ref ere nce s s ev era l t rus ted lib rar ies lik e S WR and @ve rce l/an aly tic s. The inc lus ion of the com mun ity lib rar y 'be tte r-a ll' is not ed but dee med lo w r is k g ive n t h e c ont ext .
- [COMMAND_EXECUTION] (LOW): Ru le r end eri ng- svg -pr eci sio n.m d s ugg est s u sin g ' np x s vgo ', a sta nda rd dev elo pme nt to ol.
- [SAFE] (SAFE): Th e s kil l p rom ote s p os itiv e s ecu rit y p rac tic es, spe cif ica lly the rul e s er ver -au th- act ion s.m d w hic h r equ ire s a uth ent ic ati on wit hin Ser ver Act ion s.
Recommendations
- AI detected serious security threats
Audit Metadata