react-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of documentation and code examples intended to guide AI agents and developers in optimizing React applications. No executable malicious scripts or instructions were found.
  • [EXTERNAL_DOWNLOADS]: The document references several well-known and trusted external libraries and repositories, including Vercel's official documentation, swr, lru-cache (maintained by Isaac Z. Schlueter), and better-all (maintained by Shu Ding). These are established resources within the JavaScript ecosystem and are documented neutrally as technical dependencies.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were identified. The skill proactively includes security recommendations (Section 3.1) advising developers to authenticate and authorize Server Actions to prevent unauthorized access.
  • [COMMAND_EXECUTION]: Mentions the use of npx svgo for SVG optimization, which is a standard development tool and not used for malicious purposes in this context.
  • [PROMPT_INJECTION]: The skill uses natural instructional language for agent guidance. There are no attempts to bypass safety filters or override system instructions.
  • [DATA_EXFILTRATION]: No network operations to unknown or suspicious domains were found. Mentioned network activity is limited to standard API fetching and library usage within a React context.
  • [INDIRECT_PROMPT_INJECTION]: While the skill defines rules for processing and refactoring codebases (Category 8 surface), it mitigates risks by recommending strict input validation with zod and proper authentication boundaries.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 02:32 AM