vercel-composition-patterns
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUMSAFENO_CODE
Full Analysis
- [SAFE]: The skill's primary content consists of educational documentation and code examples for React development.
- Analysis of all 11 markdown files shows only instructional material for React architecture (Compound Components, State Lifting, React 19 APIs).
- No evidence of malicious scripts, network exfiltration, or unauthorized file access was detected in the content.
- [NO_CODE]: The skill does not include any executable scripts, binaries, or automated tools.
- The absence of code files significantly reduces the risk of unauthorized command execution, privilege escalation, or persistence mechanisms.
- [SAFE]: A metadata discrepancy was identified in the skill definition.
- The author field in SKILL.md is set to "vercel", which conflicts with the attributed author SovranBitcoin.
- The name "vercel-composition-patterns" is used to imply official status from a trusted organization, constituting a form of metadata poisoning and impersonation.
Audit Metadata