tailwind-v4-shadcn
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard package installations via NPM for well-known libraries such as 'tailwindcss', 'react', and 'vite'. It also instructs the use of 'npx shadcn@latest', which is the official initialization tool for the shadcn/ui library.
- [COMMAND_EXECUTION] (SAFE): The setup guide provided in the skill includes shell commands for package installation and project initialization. These are standard developer operations and do not utilize high-risk parameters or piped remote executions.
- [DATA_EXPOSURE] (SAFE): The 'theme-provider.tsx' template utilizes 'localStorage' and 'sessionStorage' to persist theme preferences (light/dark/system). This is a standard and benign use of client-side storage for UI state management.
- [SAFE] (SAFE): A comprehensive review of the 10 threat categories confirms no evidence of prompt injection, obfuscation, privilege escalation, or persistence mechanisms. The skill's behavior is consistent with its stated purpose of assisting in frontend project scaffolding.
Audit Metadata