shadcn-ui
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to executenpx shadcncommands for project initialization and component installation. It also includes a utility scriptscripts/verify-setup.shwhich performs benign checks on the local project structure, such as verifying the presence ofcomponents.json, Tailwind configurations, and TypeScript path aliases. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download of UI components and peer dependencies from the shadcn registry. These operations are performed via the
shadcnCLI andnpx, which are well-known technology tools. Additionally, installation instructions reference a repository under thegoogle-labs-codeorganization, which is associated with a trusted vendor. - [INDIRECT_PROMPT_INJECTION]: The skill possesses a potential surface for indirect prompt injection as it retrieves external component source code and documentation for processing.
- Ingestion points: External content is ingested via the
web_fetchtool and MCP tools likeget_component,get_block, andsearch_items_in_registries. - Boundary markers: Absent; the instructions do not include specific delimiters or warnings to ignore instructions potentially embedded within the retrieved component code.
- Capability inventory: The agent has
Bashexecution,Writeaccess to the local filesystem, andweb_fetchcapabilities. - Sanitization: Absent; the skill does not explicitly implement content validation or sanitization for the retrieved source code before it is written to the project.
Audit Metadata