shadcn-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md and README) shows the agent using MCP tools like get_component, get_block, and search_items_in_registries to retrieve component and block source from registries/Registry Directory (third-party component sources), which the agent is expected to read and act on to install/customize components—exposing it to untrusted, user-provided code/content that could contain instructive payloads.