The Agent Skills Directory

[SAFE]: Analysis of the skill content reveals no malicious behavior, obfuscation, or credential theft. The guidelines focus on legitimate performance improvements for web development.\n- [EXTERNAL_DOWNLOADS]: The guidelines reference well-known and trusted packages such as swr, lru-cache, and better-all. These are widely used in the React community and originate from reputable sources.\n- [COMMAND_EXECUTION]: The skill suggests the use of npx svgo for asset optimization. This is a standard developer tool for SVG minification and does not pose an inherent security risk in this context.\n- [PROMPT_INJECTION]: While the skill's primary function involves processing untrusted user-provided source code (Ingestion points: SKILL.md), it lacks specific adversarial patterns. (Boundary markers: Absent; Capability inventory: SKILL.md tools like Bash/Write; Sanitization: Absent). The risk is considered inherent to coding tasks and the skill content itself is safe.

react-best-practices