skills/dereknex/skills/ui-styling/Gen Agent Trust Hub

ui-styling

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/shadcn_add.py utilizes subprocess.run to invoke the npx shadcn@latest CLI tool. It dynamically assembles the command by appending component names received as command-line arguments, which is an intended automation feature but constitutes a system interaction surface.
  • [EXTERNAL_DOWNLOADS]: The skill uses the npx utility to download and execute the shadcn CLI tool directly from the npm registry. This process is documented as the standard method for managing the library and involves well-known developer tooling.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because its utility scripts ingest untrusted data (such as component names, color tokens, and font families) from the agent context. These inputs are interpolated into shell commands (shadcn_add.py) and generated configuration files (tailwind_config_gen.py) without dedicated sanitization or boundary markers to differentiate instructions from data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 02:21 PM