ui-styling
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/shadcn_add.pyusessubprocess.runto execute the officialnpx shadcn@latest addcommand. This is a legitimate use of command execution to automate UI component installation from a well-known service. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download of UI components and configuration from the official shadcn/ui registry using the standard
npxpackage runner. These downloads originate from a well-known and trusted technology provider. - [SAFE]: The skill's configuration generator (
scripts/tailwind_config_gen.py) produces standard Tailwind CSS configuration files using safe string manipulation. No evidence of obfuscation, hardcoded credentials, or unauthorized network operations was found across the 43 files analyzed.
Audit Metadata