Vercel react-best-practices — agentic threat model
This agent skill poses a low direct operational risk due to its lack of autonomy and tool execution, but presents a moderate indirect supply-chain risk as compromised guidance could systematically steer developers or other agents to generate insecure React code.
OWASP AIVSS score rationale
| Autonomy of Action | 0.10 | |
| Goal-Driven Planning | 0.10 | |
| Self-Modification | 0.00 | |
| Dynamic Tool Use | 0.00 | |
| Persistent Memory | 0.00 | |
| Contextual Awareness | 0.30 | |
| Dynamic Identity | 0.00 | |
| Multi-Agent Interactions | 0.10 | |
| Non-Determinism | 0.40 | |
| Opacity & Reflexivity | 0.30 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Not certain from the listing — The underlying LLM is not specified, but it is vulnerable to prompt injection or adversarial examples that could bypass the React best-practice guidance or cause it to generate insecure code.
Not certain from the listing — The data operations layer (how the best practices are stored, retrieved, or injected into the prompt context) is not detailed, posing risks of guidance poisoning if the source repository is compromised.
This skill integrates into Vercel's agent framework to steer code generation; vulnerabilities here include framework-level prompt injection that overrides these best practices or forces the agent to ignore them.
Not certain from the listing — The hosting and execution environment of the Vercel agent framework are not described, leaving potential risks of infrastructure compromise unaddressed.
Not certain from the listing — There is no mention of automated evaluation, guardrails, or logging to verify if the agent actually adheres to the best practices or generates insecure code.
Not certain from the listing — No specific compliance frameworks, access controls, or audit logging mechanisms are detailed for this agent skill.
As an open-source 'Agent Skill' designed to influence other agents' code generation across a project, it represents a supply-chain risk where a compromised skill could propagate insecure code patterns to other agents in the ecosystem.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).