data-fetching-patterns

Explains various data fetching strategies to optimize loading performance and enhance user experience in applications.

Install this skill

or

0/100

Security score

The data-fetching-patterns skill was audited on Feb 27, 2026 and we found 24 security issues across 2 threat categories, including 6 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 654

Template literal with variable interpolation in command context

SourceSKILL.md

654	fetch(`/api/search?q=${query}`)

high line 677

Template literal with variable interpolation in command context

SourceSKILL.md

677	fetch(`/api/search?q=${query}`, { signal: controller.signal })

high line 697

Template literal with variable interpolation in command context

SourceSKILL.md

697	queryFn: () => fetch(`/api/search?q=${query}`).then(r => r.json()),

high line 1094

Template literal with variable interpolation in command context

SourceSKILL.md

1094	const key = `${options?.method \|\| 'GET'}:${url}`;

high line 1240

Template literal with variable interpolation in command context

SourceSKILL.md

1240	() => fetch(`/api/users/${userId}`).then(r => r.json())

high line 1495

Template literal with variable interpolation in command context

SourceSKILL.md

1495	await revalidatePath(`/${type}/${id}`);

medium line 222

Fetch to external URL

SourceSKILL.md

222	// Component A: fetch('/api/user')

medium line 223

Fetch to external URL

SourceSKILL.md

223	// Component B: fetch('/api/user')

medium line 429

Fetch to external URL

SourceSKILL.md

429	fetch('/api/users/full-profile') // 50 fields

medium line 435

Fetch to external URL

SourceSKILL.md

435	fetch('/api/users/summary') // 3 fields

medium line 544

Fetch to external URL

SourceSKILL.md

544	fetch('/api/user').then(r => r.json()).then(setUser);

medium line 552

Fetch to external URL

SourceSKILL.md

552	fetch('/api/user').then(r => r.json()).then(setUser); // SAME REQUEST!

medium line 560

Fetch to external URL

SourceSKILL.md

560	fetch('/api/user').then(r => r.json()).then(setUser); // SAME REQUEST!

medium line 878

Fetch to external URL

SourceSKILL.md

878	const user = await fetch('/api/users/123');

medium line 879

Fetch to external URL

SourceSKILL.md

879	const posts = await fetch('/api/users/123/posts');

medium line 880

Fetch to external URL

SourceSKILL.md

880	const comments = await fetch('/api/users/123/posts/comments/count');

medium line 932

Fetch to external URL

SourceSKILL.md

932	await fetch('/api/data');

medium line 947

Fetch to external URL

SourceSKILL.md

947	const response = await fetch('/api/data');

medium line 1021

Fetch to external URL

SourceSKILL.md

1021	const data1 = await dedupedFetch('user', () => fetch('/api/user'));

medium line 1022

Fetch to external URL

SourceSKILL.md

1022	const data2 = await dedupedFetch('user', () => fetch('/api/user'));

medium line 1483

Webhook reference - potential data exfiltration

SourceSKILL.md

1483	// Webhook-based invalidation (for ISR)

medium line 1484

Webhook reference - potential data exfiltration

SourceSKILL.md

1484	async function handleRevalidationWebhook(request) {

medium line 1487

Webhook reference - potential data exfiltration

SourceSKILL.md

1487	// Verify webhook signature

medium line 1488

Webhook reference - potential data exfiltration

SourceSKILL.md

1488	const signature = request.headers.get('x-webhook-signature');

Scanned on Feb 27, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

diegosouzapw/awesome-omni-skill