vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No security issues detected. The skill provides high-quality technical documentation and best practices for React development.
- [Trusted Source] (INFO): The skill is attributed to Vercel, which is a recognized and trusted organization in the web development ecosystem.
- [Indirect Prompt Injection] (LOW): While the skill is intended for reviewing and refactoring user-provided code (an ingestion point for untrusted data), it provides static guidelines and lacks any direct executable capabilities or automated file-system/network access that could be exploited via injection.
- [Dynamic Execution] (INFO): The rule 'rendering-hydration-no-flicker.md' includes an example using 'dangerouslySetInnerHTML' to inject a synchronous theme-setting script. This is a standard performance optimization in the React ecosystem and is presented as an informative pattern.
Audit Metadata