skills/midudev/autoskills/shadcn/Gen Agent Trust Hub

shadcn

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shadcn CLI commands via npx, pnpm dlx, or bunx to manage project components. It utilizes dynamic context injection in SKILL.md (!`npx shadcn@latest info --json`) to automatically retrieve project configuration when the skill is loaded.
  • [EXTERNAL_DOWNLOADS]: The skill downloads React component source code from official and configured community registries. It also fetches documentation and code examples from remote URLs provided by the shadcn docs command.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by ingesting and processing content from external documentation URLs and registry metadata. Mandatory Evidence Chain:
    1. Ingestion points: Output of shadcn info, documentation URLs from shadcn docs, and component files from registries.
    2. Boundary markers: Absent.
    3. Capability inventory: Arbitrary CLI command execution and file-system writes.
    4. Sanitization: None specified.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 20, 2026, 12:11 AM