React Best Practices Cn

Security checks across malware telemetry and agentic risk

Overview

This documentation-only React/Next.js skill does not run code, but it needs review because some examples could steer agents toward unsafe inline scripts, auth-state handling, cookie logging, or shared user caches.

Install only if you are comfortable reviewing generated React/Next.js changes carefully. Pay special attention to outputs that add inline scripts, dangerouslySetInnerHTML, localStorage or cookie-based auth behavior, background logging, or shared server caches; those changes should include explicit CSP/XSS protections, server-side auth validation, redaction, and authorization-aware cache scoping.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence: 79%
Finding
The guide recommends an inline script via dangerouslySetInnerHTML that reads from localStorage and mutates the DOM, but it does not warn about CSP incompatibility, XSS-sensitive sinks, or the trust boundary around client-stored values. In an agent-targeted skill, this can cause downstream code generation that normalizes unsafe inline-script patterns and weakens defenses if developers later interpolate dynamic data into the script.

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description is broad enough to trigger on a very large class of ordinary React/Next.js tasks, which can cause the agent to invoke this skill more often than the user likely intended. Over-broad activation increases the chance of unnecessary instruction injection into unrelated workflows and can bias outputs toward this skill’s guidance even when not appropriate.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
Fixing the skill language to zh-CN without an explicit user opt-in can cause unexpected language switching, reducing transparency and increasing the risk that users misunderstand important instructions or generated code explanations. In a security-sensitive or code-review context, language mismatch can hide errors or make validation harder.

Missing User Warnings

Medium
Confidence: 84%
Finding
The guidance explicitly lists authentication state as appropriate for immediate rendering from client-only storage, which can encourage developers to read auth-related state from localStorage/cookies in a synchronous pre-hydration script without discussing integrity, privacy, or XSS risks. In a best-practices skill, this is more dangerous than casual prose because readers may adopt it as endorsed architecture, potentially exposing sensitive auth state to client-side tampering or leakage.

VirusTotal

64/64 vendors flagged this skill as clean.
