stitch-shadcn-ui

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the Bash tool to execute npx shadcn@latest commands for project initialization and component installation, which is the standard and recommended method for using the shadcn/ui framework.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of component source code, dependencies, and configuration from official registries and references documentation from ui.shadcn.com.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it retrieves and processes external content (component code and registry metadata) while having access to sensitive tools.
      • Ingestion points: External component source code fetched via the shadcn CLI and documentation retrieved through the web_fetch tool.
      • Boundary markers: The skill does not implement explicit boundary markers or warnings to prevent the agent from potentially obeying instructions embedded within the downloaded component source code.
      • Capability inventory: The skill has access to Bash (command execution), Write (file system modification), and Read (file access) across the project repository.
      • Sanitization: There is no defined process within the skill for the agent to sanitize or validate the external component code before it is written to the local project files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 06:28 AM