vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Metadata Analysis] (SAFE): The skill is attributed to 'vercel', which is a trusted organization. The versioning and licensing are standard.
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- [Data Exfiltration] (SAFE): There are no network calls (curl, fetch) or access to sensitive local file paths (e.g., .ssh, .aws).
- [Remote Code Execution] (SAFE): The skill does not perform any package installations or remote script execution. It references local rule files for documentation purposes only.
- [Obfuscation] (SAFE): No Base64 encoding, zero-width characters, or other obfuscation techniques were found.
- [Indirect Prompt Injection] (LOW): While the skill is intended to process and refactor user code (untrusted data), it provides static guidelines rather than dynamic execution logic, minimizing the risk of automated obedience to embedded instructions.
Audit Metadata