nextjs-react-expert
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
Primary finding category: COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The script scripts/convert_rules.py utilizes broad path traversal (Path(__file__).parent.parent.parent.parent.parent) to access directories far outside the skill's root. This pattern can be used to read or overwrite files in the user's workspace or home directory depending on where the skill is stored.
- [COMMAND_EXECUTION] (MEDIUM): The SKILL.md instructions explicitly direct the user or agent to run a 'Validation Script' (scripts/react_performance_checker.py). This script is absent from the provided files, creating a scenario where an agent might attempt to locate and execute an unknown or external version of the script, leading to unverified code execution.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to ingest a <project_path> for performance auditing. While the scripts for this are missing, the surface area for auditing external code combined with the existing conversion script's file-write capabilities creates a potential path for side effects if used with untrusted project data.
- [METADATA_POISONING] (LOW): The metadata claims the content is 'From Vercel Engineering'. While the educational content is consistent with Vercel's public documentation, the claim of authorship within the skill markdown itself is unverifiable and could be used to gain undue trust from the agent or user.
Audit Metadata