The Agent Skills Directory

General Security (SAFE): The skill is entirely educational, providing guidance on performance optimization. Analysis of all 57 rules shows no malicious intent or harmful command execution.
Data Handling (SAFE): While some rules discuss using localStorage and cookies, they do so within the context of performance (e.g., caching or theme persistence) and include defensive practices like try-catch blocks and data minimization.
Defensive Coding (SAFE): The rule server-auth-actions.md explicitly teaches users to implement authentication and authorization inside Server Actions to prevent security vulnerabilities, demonstrating a security-conscious design.
Dependencies (SAFE): References to external libraries like better-all, lru-cache, and swr point to reputable sources and standard industry packages. The use of dangerouslySetInnerHTML in the hydration flicker rule is a standard, contained solution for a specific SSR problem and does not introduce a generalized vulnerability.
Network Operations (SAFE): Example network calls (e.g., fetch('/api/users')) are illustrative of standard development patterns and do not target suspicious or hardcoded external domains.

vercel-react-best-practices