Skills
skills/infrasity-labs/dev-gtm-claude-skills/ui-styling/Gen Agent Trust Hub

ui-styling

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/shadcn_add.py uses subprocess.run to execute the npx shadcn@latest add command. This is used to programmatically install UI components into the user's project. The execution uses a list-based command structure without shell=True, which is a secure practice for preventing command injection.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of UI components and design tokens from the official shadcn and Tailwind CSS registries. These are well-known technology services, and the downloads are performed through standard package management tools like npx and npm.
  • [NO_CODE]: While the skill contains automation scripts, they are utility tools designed to interact with established CLI frameworks. The core functionality of the skill is provided through structured documentation and implementation patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 11:43 PM
Security Audit — agent-trust-hub — ui-styling