The Agent Skills Directory

[SAFE] (SAFE): The skill operates as a knowledge base for performance best practices. All 52 files were analyzed for various threat vectors.
[EXTERNAL_DOWNLOADS] (INFO): The README.md and several rules reference external dependencies and tools such as pnpm, swr, better-all, and lru-cache. These are standard industry packages and the references point to reputable sources (Vercel, GitHub/shuding, official documentation).
[PROMPT_INJECTION] (SAFE): No instructions attempting to override system prompts or bypass safety filters were found. The language used is purely technical and instructional for code optimization.
[INDIRECT_PROMPT_INJECTION] (LOW): While the skill is designed to process and refactor user-provided code (a potential injection surface), the provided rules themselves are static, well-documented, and do not contain executable malicious logic. The risk is inherent to the task of code refactoring and not specific to this skill's implementation.
[DYNAMIC_EXECUTION] (LOW): Rule rendering-hydration-no-flicker.md demonstrates the use of dangerouslySetInnerHTML for a specific legitimate performance pattern (theme flicker prevention). This is a code snippet for the agent to follow, not a command the skill executes itself, and the example logic is benign.

vercel-react-best-practices