shadcn-component-review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (INFO): The skill is designed to analyze untrusted external source code, creating an inherent attack surface. * Ingestion points: User-provided React component files analyzed via the instructions in SKILL.md and references/review-checklist.md. * Boundary markers: Absent; there are no specific delimiters defined to wrap untrusted content. * Capability inventory: The skill is limited to reasoning and generating feedback; no file-system write, network, or subprocess execution capabilities were identified. * Sanitization: Absent; the skill relies on the agent's internal logic to interpret the content as data rather than instructions.
- External Downloads (INFO): The documentation refers to community-standard tools such as 'npx shadcn' and various theme-generation websites. While these involve external code, they are standard resources in the React ecosystem and are not used here for automated or hidden malicious downloads.
Audit Metadata