The Agent Skills Directory

[SAFE]: The skill is a collection of educational guidelines and best practices for React and Next.js performance optimization. It does not contain any executable malicious scripts or dangerous instructions.
[SAFE]: The skill explicitly promotes security best practices, notably in rules/server-auth-actions.md, which instructs developers to treat Server Actions as public API endpoints and implement proper authentication and authorization inside them.
[SAFE]: It warns against common security and concurrency pitfalls in SSR environments, such as avoiding shared module state for request-specific data (rules/server-no-shared-module-state.md) to prevent data leaks between concurrent requests.
[SAFE]: All external references point to official and reputable sources including React's official documentation (react.dev), Next.js documentation (nextjs.org), and Vercel's engineering blog.
[SAFE]: Recommended third-party libraries such as swr, lru-cache, and better-all are well-known, established packages in the JavaScript ecosystem.
[SAFE]: The use of dangerouslySetInnerHTML in rules/rendering-hydration-no-flicker.md is for a specific, well-documented performance pattern (syncing theme or storage data before hydration) and uses a hardcoded, benign script.

vercel-react-best-practices