shadcn-registries
Warn
Audited by Snyk on Jun 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). The required workflow consults MCP tools (
mcp__shadcn__search_items_in_registries/mcp__shadcn__get_add_command_for_items) at runtime, and those tools commonly fetch registry metadata/commands from external registries/web sources, which can include outsider-authored free text that the agent then injects into the LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata