shadcn-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs the agent to use shadcn MCP tools and CLI commands (e.g., list_components, get_component, get_block and npx shadcn@latest add) to retrieve component and block source code and demos from registries/GitHub/public registries, which are third‑party, user-authored resources that the agent would read and interpret at runtime.