shadcn-components
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its integration with external registry data.
- Ingestion points: The skill utilizes mcp__shadcn__search_items_in_registries, mcp__shadcn__view_items_in_registries, and mcp__shadcn__get_item_examples_from_registries to bring content from external repositories into the agent context.
- Boundary markers: The instructions do not include explicit delimiters or instructions for the agent to ignore or isolate instructions that may be present in the fetched registry items.
- Capability inventory: The agent is granted Write, Edit, and Task tools, allowing it to modify the local filesystem and execute commands based on the content retrieved from external sources.
- Sanitization: There are no explicit sanitization or content-validation steps defined for the data returned by the shadcn MCP tools before it is processed by the agent.
Audit Metadata