vercel-react-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- Standard Ecosystem Dependencies: The guidelines reference several common libraries such as swr for data fetching, lru-cache for server-side caching, and better-all for promise management. These are well-established tools within the React and Next.js development community and are used here to demonstrate best practices.
- Technical Implementation Patterns: One guideline discusses the use of dangerouslySetInnerHTML to execute a synchronous script during the initial page load to prevent UI flickering. While this React feature requires care in production to avoid Cross-Site Scripting (XSS) if used with dynamic user data, the skill presents it as a specific technical solution for hydration synchronization.
- Integration of Security Guidelines: The skill includes explicit instructions on securing Server Actions, emphasizing that they should be treated as public API endpoints. It provides examples for implementing authentication, authorization, and input validation using libraries like zod, which contributes to the overall security posture of applications following these rules.
- Documentation and Build Infrastructure: The repository uses standard Node.js tooling, including pnpm for dependency management and custom scripts for content validation and compilation. These are typical for structured documentation projects maintained by engineering organizations.
Audit Metadata