The Agent Skills Directory

[SAFE]: The skill is entirely instructional, providing best practices for React and Next.js development. It does not include executable code or scripts that perform operations on the host system.
[EXTERNAL_DOWNLOADS]: The skill recommends several well-known and reputable libraries, such as swr, zod, lru-cache, and better-all. All external references point to official documentation (react.dev, nextjs.org) or trusted sources (vercel.com, github.com/shuding).
[COMMAND_EXECUTION]: Mentions npx svgo as a utility for optimizing SVG files, which is a standard industry practice for frontend developers.
[PROMPT_INJECTION]: No attempts to override agent behavior or safety filters were found in the instructions or metadata.
[DATA_EXFILTRATION]: No network exfiltration or sensitive data access patterns were identified. Instructions regarding localStorage and cookies are scoped to standard client-side state management techniques.
[SAFE]: Includes explicit security guidance in rules/server-auth-actions.md, instructing developers to treat Server Actions as public endpoints and implement internal authentication and authorization checks.

vercel-react-best-practices