vercel-composition-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected across the analyzed files. The skill provides architectural guidelines for React development using markdown and static code examples.
- [PROMPT_INJECTION]: All instructions within AGENTS.md and the rules directory are benign and directed toward technical code refactoring tasks. There are no attempts to bypass safety filters, ignore prior instructions, or extract system prompts.
- [EXTERNAL_DOWNLOADS]: The skill does not perform any remote downloads or script executions. References in metadata.json and AGENTS.md are limited to official React documentation (react.dev), which is a trusted service.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or sensitive credentials were found. The code examples use placeholder variables and generic identifiers.
- [DATA_EXFILTRATION]: No network operations (curl, fetch, etc.) or sensitive file system access patterns were identified.
- [COMMAND_EXECUTION]: The skill consists of static content and does not include any scripts (Python, Node.js, Shell) that could execute commands on the host system.
Audit Metadata