react-best-practices
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of instructional guidelines and code examples designed to improve React and Next.js application performance. It includes rules for eliminating waterfalls, bundle size optimization, and server-side performance.
- [EXTERNAL_DOWNLOADS]: The documentation references well-known and standard community libraries such as 'better-all', 'lru-cache', 'swr', 'zod', and 'lucide-react'. These are used in code examples to demonstrate best practices and do not represent a supply-chain risk in this context.
- [COMMAND_EXECUTION]: The rule for SVG optimization (rules/rendering-svg-precision.md) mentions the use of 'npx svgo'. This is provided as a standard development tool recommendation for optimizing assets and is not executed automatically by the skill.
- [SAFE]: One rule (rules/server-auth-actions.md) specifically focuses on security best practices, instructing the agent/developer to always verify authentication and authorization inside Server Actions to prevent unauthorized access.
Audit Metadata