vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No security threats detected. The skill provides technical guidelines and examples for legitimate performance improvements.
- Indirect Prompt Injection (LOW): The skill has an ingestion surface as it processes user-provided React/Next.js files. While boundary markers and sanitization are absent, the primary capability is code refactoring across all rule files, which is an inherent property of this tool.
- Dynamic Execution (LOW): The rule 'rendering-hydration-no-flicker.md' suggests using dangerouslySetInnerHTML for an inline script to prevent hydration mismatch. This is a standard React pattern for theme/storage synchronization.
Audit Metadata