vercel-composition-patterns
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM | NO_CODE | PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Deceptive metadata in the SKILL.md file identifies the author as "vercel" and the skill name as "vercel-composition-patterns", while the actual author is darraghh1. This impersonation of a trusted organization can lead users to misjudge the authority and safety of the skill's instructions.
- [PROMPT_INJECTION]: The skill establishes a vulnerability surface for indirect prompt injection as it is designed to analyze and refactor untrusted user source code.
  - Ingestion points: The agent applies the skill's rules to user-provided React components and codebases within the conversation context.
  - Boundary markers: The instructions lack delimiters (like XML tags) or specific warnings to ignore instructions embedded in comments or strings within the ingested code.
  - Capability inventory: The agent is tasked with structural refactoring and modifying component logic based on these architectural rules.
  - Sanitization: There are no instructions to validate or sanitize the ingested code for hidden instructions before processing.
- [NO_CODE]: The skill consists entirely of Markdown documentation and code examples, with no executable scripts, binaries, or automated installation steps provided.