skills/udecode/plate/shadcn/Gen Agent Trust Hub

shadcn

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Employs the npx shadcn@latest command to perform administrative tasks such as retrieving project information, searching component registries, and viewing documentation.
  • [COMMAND_EXECUTION]: Implements dynamic context injection in SKILL.md using the !`npx shadcn@latest info --json` pattern to automatically populate project configuration into the agent's context upon activation.
  • [REMOTE_CODE_EXECUTION]: Facilitates the download and integration of external component source code from the shadcn registry and user-defined URLs into the local project environment via the CLI tool.
  • [PROMPT_INJECTION]: The skill maintains an indirect prompt injection attack surface as it processes untrusted data from external registries and component files.
      • Ingestion points: External registry metadata and component source files retrieved through CLI commands like add and view.
      • Boundary markers: No explicit markers are present to isolate external data from internal agent instructions.
      • Capability inventory: Includes shell command execution via npx, project file system modifications, and network access for fetching external resources.
      • Sanitization: The skill relies on human-in-the-loop review instructions to verify added components rather than automated sanitization logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 12:15 PM