component-creater
Warn
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent in Step 2.3 to 'Immediately execute the final npx command in the terminal' using the command string generated by the shadcnVue MCP tool. This represents automated shell execution without human-in-the-loop verification.
- [REMOTE_CODE_EXECUTION]: The package installation via `npx` is triggered by component names extracted from the remote `design_file_url`. While validation steps are included, the automated execution of package installation commands derived from untrusted external data remains a security concern.
- [EXTERNAL_DOWNLOADS]: The workflow relies on fetching potentially untrusted content from a remote URL provided as a parameter (`design_file_url`).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the ingested design file.
  - Ingestion points: The `design_file_url` is passed to the `get_dsl` tool, which saves the content to `dsl.json` for subsequent processing.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the contents of `dsl.json` as untrusted data or to ignore embedded instructions.
  - Capability inventory: The agent has the ability to execute shell commands (`npx`), read local configuration files (`src/style.css`), and write/modify Vue component files.
  - Sanitization: The instructions attempt to mitigate risk by requiring validation of extracted names against an official registry fetched via `shadcnVue_list_items_in_registries`.
Audit Metadata