shadcn

Warn

Audited by Snyk on Jun 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). The required runtime workflow uses the shadcn CLI to install components from registries (e.g., npx shadcn@latest add https://elements.ai-sdk.dev/api/registry/all.json or any https://.../r/*.json). The fetched registry payload is free text and code authored by outside parties, and the CLI/agent ingests it into the LLM context for “view/docs” or installation.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Jun 14, 2026, 08:07 AM
Issues: 1