The Agent Skills Directory

[SAFE] (SAFE): No malicious behavior, obfuscation, or data exfiltration patterns were detected. The skill is primarily composed of Markdown documentation and best-practice code examples.
[EXTERNAL_DOWNLOADS] (LOW): The skill references several well-known and reputable libraries such as swr, lru-cache, and better-all. It also mentions standard UI libraries like lucide-react and @mui/material. These references are provided in the context of developer education and are not executed as untrusted dependencies.
[COMMAND_EXECUTION] (SAFE): The README.md includes standard development commands (pnpm build, pnpm validate, pnpm extract-tests) typical for maintaining a documentation repository. No suspicious or hidden command injection patterns were found.
[CREDENTIALS_UNSAFE] (SAFE): While the skill mentions authentication (server-auth-actions.md), it correctly advises on secure patterns (verifying sessions inside server actions) and does not contain hardcoded secrets or sensitive credentials.
[DATA_EXFILTRATION] (SAFE): Data handling instructions (like localStorage versioning) focus on privacy and performance by recommending the minimization of stored data and preventing the accidental storage of PII.

vercel-react-best-practices