skills/quantumnous/new-api/shadcn-ui/Gen Agent Trust Hub

shadcn-ui

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the shadcn CLI (via npx, pnpm, or bun) to perform project discovery, search for components, and install them into the user's workspace. Commands used include info, add, search, and docs.
  • [DYNAMIC_CONTEXT_INJECTION]: In vendor/shadcn/SKILL.md, the skill uses the !npx shadcn@latest info --json pattern to automatically inject project-specific configuration (framework, aliases, installed components) into the agent's context when the skill is loaded. This is a legitimate use of dynamic context for tool discovery.
  • [EXTERNAL_DOWNLOADS]: The skill downloads component source code, documentation, and usage examples from the official ui.shadcn.com registry and its associated GitHub repositories. It also supports fetching from community or private registries defined in the project's components.json.
  • [PROMPT_INJECTION]: The skill has a potential indirect prompt injection surface because it processes code and data from external registries. However, it mitigates this risk by explicitly instructing the assistant to 'read the added files and verify they are correct' and check for 'violations of the Critical Rules' before proceeding.
  • [CREDENTIALS_UNSAFE]: While the vendor/shadcn/mcp.md file mentions the use of Bearer tokens for private registries, it correctly recommends using environment variable placeholders (e.g., ${MY_TOKEN}) rather than hardcoding secrets.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 07:26 AM