Skills
skills/diegosouzapw/awesome-omni-skill/shadcn-ui/Gen Agent Trust Hub

shadcn-ui

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute shell commands, such as npx shadcn@latest add [component-name], using the Bash tool. This creates a potential indirect command injection vulnerability where a malicious user could provide a component name containing shell metacharacters to execute unauthorized commands.\n
  • Ingestion points: The [component-name] parameter in component installation commands.\n
  • Boundary markers: No delimiters or instructions are provided to the agent to treat the input as literal data only.\n
  • Capability inventory: The skill is configured with access to the Bash tool and file system Write operations.\n
  • Sanitization: No mechanisms for sanitizing or validating user input are specified before execution.\n- [REMOTE_CODE_EXECUTION]: The instructions encourage the use of npx shadcn@latest, which involves downloading and executing the latest CLI tool from the npm registry. While shadcn is a well-known project, this is a form of runtime remote code execution.\n- [EXTERNAL_DOWNLOADS]: The skill's installation instructions include a command to fetch the skill's source markdown from a GitHub repository using curl.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 03:24 PM