vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is intended to review and refactor external React and Next.js code, which serves as an ingestion point for untrusted data. Evidence: 1. Ingestion points: External source code provided for performance review (SKILL.md). 2. Boundary markers: None defined. 3. Capability inventory: Documentation only; no subprocess, network, or file-system capabilities identified (SKILL.md). 4. Sanitization: None provided.
- [No Code] (SAFE): The skill consists entirely of markdown documentation and metadata. No executable logic, scripts, or binaries were found in the provided file.
Audit Metadata