shadcn
Warn
Audited by Snyk on Mar 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's workflow and CLI explicitly require fetching and reading component docs, example URLs, and registry item files from public/community registries (see SKILL.md "run npx shadcn@latest docs ... Fetch these URLs to get the actual content", cli.md docs/view/add commands, and mcp.md registry/view tools), so the agent ingests untrusted third‑party code/pages that can influence subsequent install/merge actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs runtime fetching of component docs and examples (e.g. https://ui.shadcn.com/docs/components/radix/input and raw example URLs such as https://raw.githubusercontent.com/.../examples/input-example.tsx) which are injected/used to drive the agent's code-generation and install decisions, so external URLs are used at runtime to control prompts and are relied upon by the skill.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata