Skills
skills/21st-dev/registry/21st-registry/Gen Agent Trust Hub

21st-registry

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes npx to run vendor-owned CLI tools such as @21st-dev/registry and @21st-sdk/cli for component management and user authentication.
  • [CREDENTIALS_UNSAFE]: The agent is instructed to verify authentication by checking the ~/.an/credentials file or the API_KEY_21ST environment variable, which are required for interaction with the 21st.dev service.
  • [EXTERNAL_DOWNLOADS]: The documentation includes instructions for manual installation and CLI acquisition via curl from the vendor's domain and the official NPM registry.
  • [DATA_EXFILTRATION]: The skill's primary function involves uploading local React component code to the 21st.dev registry. Security instructions are included to prevent the agent from including secrets or environment variables in these uploads.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 08:24 PM