ui-styling
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The script scripts/shadcn_add.py executes npx commands via subprocess.run to install UI components. This is the intended primary functionality of the skill and follows safe implementation practices by using list-based arguments instead of shell strings to prevent injection.
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation and installation scripts facilitate downloading dependencies from the npm registry. These are standard operations for frontend development and are restricted to well-known libraries.
- [PROMPT_INJECTION] (LOW): The file references/canvas-design-system.md uses instructional steering by simulating user feedback history ("User already said: 'It isn't perfect enough...'") to influence the agent's creative quality. This is a common prompt-engineering technique for output refinement and does not bypass safety constraints.
Audit Metadata