chrisnanninga-vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is purely instructional regarding software engineering patterns.
- DATA_EXFILTRATION (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected. Examples mentioning
localStorageorcookiesare standard web development patterns for theme persistence and session management. - EXTERNAL_DOWNLOADS (SAFE): References to external packages like
swr,better-all, andlru-cachepoint to reputable sources and standard industry libraries. No suspicious or unverified dependencies are requested for installation. - REMOTE_CODE_EXECUTION (SAFE): No patterns of downloading and executing remote scripts (e.g.,
curl | bash) were found. The skill does not perform any dynamic code execution. - OBFUSCATION (SAFE): No Base64, zero-width characters, or other encoding techniques are used to hide malicious content. All code and documentation are in plain, readable Markdown.
- METADATA_POISONING (SAFE): While the metadata claims the skill is 'maintained by Vercel' despite being under a personal namespace, the content accurately reflects official Vercel/Next.js documentation and blog posts, posing no security risk.
Audit Metadata