ui-shadcn-studio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly references ingesting external, user-authored sources—e.g., the MCP command "/ftc Install blocks from Figma design (requires Figma MCP)" and the instruction to "Visit https://shadcnstudio.com/theme-generator"—which indicates the agent may read/interpret untrusted third-party content that can influence generation behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires running "npx shadcn@latest mcp init --client cursor", which fetches and executes remote code from the shadcn npm package (e.g., https://registry.npmjs.org/shadcn) to install an MCP server that controls in-IDE agent prompts at runtime and is a required dependency.