shadcn-syntax-toast-sonner

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill contains technical documentation and code examples without any instructions that attempt to override agent behavior, bypass safety filters, or extract system prompts.
  • [DATA_EXFILTRATION]: No evidence of sensitive data access or exfiltration was found. Network operations mentioned (e.g., fetch, WebSocket) are standard examples for local API interaction within web applications.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private keys were detected. The skill follows best practices by not including sensitive information in its examples.
  • [EXTERNAL_DOWNLOADS]: The documentation references standard package installations for 'sonner' and 'next-themes' using established tools like pnpm and the shadcn CLI. These are well-known dependencies in the React ecosystem.
  • [COMMAND_EXECUTION]: Included commands are limited to standard developer workflows for package management and project initialization (e.g., pnpm add, shadcn add).
  • [REMOTE_CODE_EXECUTION]: No patterns of downloading and executing scripts from untrusted remote sources were identified.
  • [OBFUSCATION]: The skill uses clear, human-readable text and standard code formatting. No base64, zero-width characters, or other obfuscation techniques were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 03:40 PM
Security Audit — agent-trust-hub — shadcn-syntax-toast-sonner