The Agent Skills Directory

[Prompt Injection] (SAFE): Analysis of the markdown content shows no presence of override markers, role-play injections, or instructions to disregard safety guidelines. The instructions are focused on technical code optimization.
[Data Exposure & Exfiltration] (SAFE): No hardcoded credentials (API keys, secrets) or sensitive file paths were detected. References to localStorage and cookies in the 'Correct' examples are within the context of standard UI state management and do not involve external exfiltration.
[Obfuscation] (SAFE): No Base64-encoded commands, zero-width characters, or homoglyphs were found. The code and markdown are clear and human-readable.
[Unverifiable Dependencies] (SAFE): The skill references standard libraries such as SWR, lru-cache, and better-all. These are well-known in the React community and used for their intended purposes.
[Indirect Prompt Injection] (SAFE): The skill provides rules for reviewing code. It does not ingest untrusted data at runtime or expose capability surfaces that could be exploited by malicious inputs.
[Dynamic Execution] (SAFE): While the pattern for 'Prevent Hydration Mismatch' recommends using dangerouslySetInnerHTML, it is used for a static, safe theme-initialization script, which is a common and legitimate performance optimization.

vercel-react-best-practices