skills/filipebraida/skills/shadcn-ui/Gen Agent Trust Hub

shadcn-ui

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill frequently directs the agent to run commands such as npx shadcn@latest add, bunx shadcn, and bun add. These commands execute external scripts and install packages from NPM. In a development environment, this is standard behavior, but it remains a primary vector for supply chain attacks if dependencies or the CLI tools themselves are compromised.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Workflows in add-component.md and cli-registry.md explicitly instruct the agent to install components from third-party URLs, specifically community registries at https://shadcn.io/r/*.json. Since these are not official Radix or Shadcn core domains, they present a risk of downloading and injecting unverified code into the local project.
  • [REMOTE_CODE_EXECUTION] (LOW): The fundamental nature of the shadcn CLI—which this skill automates—is to fetch remote component code and place it into the project's filesystem. This constitutes a remote code ingestion and execution surface that is inherently part of the tool's functionality but warrants caution when used with non-official registries.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:38 PM