react-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several third-party libraries and utilities such as
better-all(Shu Ding),lru-cache,swr, andsvgo. These are recognized resources within the frontend ecosystem and are used here for educational and architectural guidance. - [COMMAND_EXECUTION]: The documentation includes a CLI example for using the
svgotool to optimize SVG assets, which is a standard part of modern asset pipelines. - [PROMPT_INJECTION]: No instructional overrides, jailbreak markers, or attempts to bypass agent safety guidelines were identified.
- [DATA_EXFILTRATION]: No commands for accessing sensitive environment variables, credentials, or local files were detected, and there is no unauthorized network activity.
- [REMOTE_CODE_EXECUTION]: The skill mentions architectural features such as
next/dynamicfor lazy-loading and a static script injection pattern for theme management, which are legitimate framework capabilities used here in a safe and documented manner.
Audit Metadata