shadcn-detection
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local detection script and recommends using standard package runners (npx, bunx, pnpm dlx, yarn dlx) to execute the shadcn CLI. These operations are standard for developer utilities and are restricted to project-specific tasks.
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) as it ingests untrusted data from local project files to drive its detection logic.
- Ingestion points: Project configuration files (package.json, components.json), source code files, and package manager lockfiles.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when reading project files.
- Capability inventory: The skill utilizes Read, Glob, Grep, and Bash tools across its workflow.
- Sanitization: No specific validation or sanitization of the untrusted project file contents is documented before processing by the detection script.
Audit Metadata