Skills
skills/modu-ai/cc-plugins/moai-library-shadcn/Snyk

moai-library-shadcn

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's ShadcnUIArchitectOptimizer explicitly fetches latest shadcn/ui and React documentation via Context7 and references external schema/docs (e.g., ui.shadcn.com, radix-ui.com), so the agent ingests public third-party web content at runtime which could carry indirect prompt injection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 10:38 AM