shadcn-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow instructs using the shadcn CLI to fetch components from remote registries (e.g., "npx shadcn@latest add " and copying from ui.shadcn.com) and to configure components.json/registry URLs (including arbitrary registry URLs), so it clearly ingests untrusted third‑party registry/component content that can influence installs and subsequent behavior.