vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [GENERAL] (SAFE): The skill is entirely documentation-based and contains no executable scripts, commands, or network requests.
- [TRUSTED_SOURCE] (INFO): The author is Vercel Labs, which is recognized as a trusted organization.
- [DATA_EXFILTRATION] (SAFE): No sensitive data access or exfiltration patterns were found.
- [REMOTE_CODE_EXECUTION] (SAFE): No patterns for remote code download or execution were detected.
- [PROMPT_INJECTION] (SAFE): No malicious instruction overrides or system prompt extraction attempts are present.
- [INDIRECT_PROMPT_INJECTION] (INFO): While the skill is designed to process external code for review, it does not possess any side-effect capabilities (e.g., file writing, network access) that would create a high-risk attack surface.
Audit Metadata