styling-with-shadcn
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill utilizes 'npx shadcn@latest' for initialization and component installation. This pattern involves fetching and executing code from the public npm registry. While standard for the shadcn/ui ecosystem, it is an external dependency execution point.
- [COMMAND_EXECUTION] (SAFE): The verification script 'scripts/verify.py' performs benign local file system checks to ensure documentation files are present. It does not spawn dangerous subprocesses or access sensitive data.
- [PROMPT_INJECTION] (SAFE): No malicious instructions, role-play attempts, or system prompt extraction patterns were found in the markdown or metadata.
Audit Metadata