shadcn-ui
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill recommends using a secondary 'quick-searcher' agent to retrieve API details and usage patterns from external domains like ui.shadcn.com and radix-ui.com. This introduces a vulnerability surface for indirect prompt injection if those external sources were to contain malicious instructions. The provided prompt template lacks boundary markers or instructions to disregard embedded directives in the fetched content.
- [COMMAND_EXECUTION]: The instructions frequently use standard CLI commands for the shadcn framework, such as 'npx shadcn@latest init' and 'shadcn add --dry-run'. These are standard development operations and are considered safe in the context of this skill's purpose.
- [EXTERNAL_DOWNLOADS]: The skill documents the shadcn registry system, which involves downloading component configurations and source code from remote registries. While this involves external data ingestion, it is the core intended functionality of the framework's distribution model.
Audit Metadata