trident-ui-install

Fail

Audited by Snyk on Apr 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Most links point to private/organizational registries (develop.trident-ui.pro.clubmed / trident-ui.pro.clubmed) that are not well-known public CDNs. These registries can serve JSON/JSX that tooling (npx shadcn) uses to inject code into projects, so although they are not direct executable downloads, they represent a non-trivial supply-chain risk unless you trust and verify the source. nodejs.org and ui.shadcn.com are legitimate, but the trident-ui endpoints should be treated as untrusted until validated.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and installs external component/config files during its mandatory workflow (e.g., "npx shadcn@latest add https://develop.trident-ui.pro.clubmed/r/tailwind-config.json" and registry URLs in components.json), which ingests untrusted third-party content that can alter subsequent tooling/behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill invokes the shadcn CLI at runtime (npx shadcn@latest add https://develop.trident-ui.pro.clubmed/r/tailwind-config.json) which fetches remote JSON/component content that is injected into the project, so this URL is a runtime dependency that supplies external code/config used by the installer.

Issues (3)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 13, 2026, 12:32 PM
Issues: 3