shadcn-layouts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No attempts to override system instructions or bypass safety filters were detected. The instructions are focused purely on CSS layout mental models.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or access to sensitive file paths (~/.ssh, .env, etc.) were found. No network operations were detected.
- Obfuscation (SAFE): The file contains clear, readable markdown and code snippets without any encoding tricks or hidden characters.
- Unverifiable Dependencies (SAFE): The skill references
npx shadcn add, which is the standard command-line interface for the shadcn/ui library. It does not attempt to execute remote scripts or install unknown packages. - Privilege Escalation (SAFE): No commands requiring elevated privileges (sudo, chmod) are present.
- Persistence Mechanisms (SAFE): The skill does not modify shell profiles, system services, or scheduled tasks.
- Indirect Prompt Injection (SAFE): While the skill processes user layout requests, it lacks the combined capability tier (like network writing or file modification) required for a significant indirect injection risk. It acts as a template provider.
Audit Metadata