Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [Environment Variable Management]: The skill correctly demonstrates using
process.env.RESEND_API_KEYto manage sensitive credentials. This approach follows the principle of avoiding hardcoded secrets and leveraging platform-native environment variable injection. - [Well-Known Service Integration]: The guidance focuses on Resend and React Email, which are standard, widely used tools within the Vercel ecosystem. The instructions align with official integration patterns.
- [Standard CLI Tooling]: The skill references common development tools such as
npx react-email devandvercel integration add. These are official CLI commands used for local development and platform configuration. - [Data Handling Consideration]: The example API routes ingest external data through
req.json(). While appropriate for the intended functionality, it is recommended that developers validate and sanitize these inputs (such as email bodies or user names) before processing them to ensure application integrity.
Audit Metadata