Frontend Composition Patterns
PassAudited by ClawScan on May 1, 2026.
Overview
This is a documentation-only React design-pattern skill with no code, credentials, or data access; the only notable items are provenance and user-directed install commands.
This skill appears safe to use as React architecture guidance. Before running the optional installation commands from the README, verify the package/source and prefer a pinned or registry-reviewed version. No credentials or sensitive project access are required by the artifacts.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user follows the alternate install command, they may install whatever content is currently on that branch rather than exactly the reviewed registry artifact.
The README offers a user-directed install path from a GitHub branch rather than a pinned immutable version. This is normal installation documentation, but users should verify the source before running it.
npx add https://github.com/wpank/ai/tree/main/skills/frontend/composition-patterns
Prefer the reviewed registry version or a pinned/verified source, and inspect remote install targets before running npx commands.
A user might give the skill extra trust based on an attribution that is not substantiated by the supplied metadata.
The skill includes a source attribution while the provided registry metadata lists the source as unknown and has no homepage. This does not show malicious behavior, but users should not rely on the attribution without verification.
**Source:** Vercel Engineering
Treat the attribution as informational unless independently verified, and evaluate the guidance on its own merits.