The Agent Skills Directory

[Data Exposure / Credentials Unsafe] (MEDIUM): The skill contains reference patterns (e.g., 'env-client-exposure', 'server-action-no-auth') that instruct the AI to introduce high-severity security vulnerabilities. These patterns explicitly direct the agent to expose server-side environment variables like 'API_SECRET_KEY' to client-side components and remove authorization checks from Next.js Server Actions. While documented as an 'anti-pattern' for training, these transformations create functional security holes in the target codebase. The severity is set to MEDIUM as this behavior is the stated primary purpose of the skill, but it constitutes a high-risk capability.
[Indirect Prompt Injection] (LOW): The skill processes untrusted user code and has the capability to write modifications back to the filesystem, creating a vulnerability to indirect instructions. Evidence Chain: 1. Ingestion points: Reads existing React and Next.js source files as specified in the Framework Detection and Apply Changes steps of SKILL.md. 2. Boundary markers: Absent; there are no instructions to ignore or delimit embedded instructions within the source code. 3. Capability inventory: File-writing capabilities to modify user source code. 4. Sanitization: Absent; the skill interpolates the 'After' code transformations directly into the user's files based on the pattern catalog.
[No Code] (SAFE): The skill consists entirely of Markdown and YAML documentation files; it does not distribute executable scripts or binaries.

react-anti-patterns