tailwind-v4-shadcn
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install well-known, official packages such as 'tailwindcss', '@tailwindcss/vite', and 'lucide-react' from standard registries. It also uses 'pnpm dlx' to run the official 'shadcn' initialization script, which is a common and trusted development practice.
- [COMMAND_EXECUTION]: Provides routine shell commands for project scaffolding, such as installing dependencies and managing configuration files (e.g., removing legacy Tailwind config files). These operations are appropriate for the skill's stated purpose of project initialization.
- [SAFE]: Detailed inspection of the templates and documentation (including the ThemeProvider and CSS architecture) revealed no signs of prompt injection, data exfiltration, or obfuscation. The provided code follows established security and development best practices.
Audit Metadata