shadcn-ui
Warn
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The reference documentation (references/official-ui-reference.md, references/ui-reference.md) instructs the agent to install the 'tw-animate-css' package. This package is not part of the official shadcn/ui distribution (which uses 'tailwindcss-animate') and its origin is unverifiable, presenting a supply-chain risk.
- [REMOTE_CODE_EXECUTION]: The skill provides patterns and examples for installing UI components from arbitrary remote URLs using the 'npx shadcn add' command. This bypasses standard registry checks and enables the execution of remote code from unverified external sources.
- [COMMAND_EXECUTION]: The skill utilizes the 'Bash' tool to perform sensitive project operations, including initializing projects and executing remote code via the shadcn CLI and npm/pnpm package managers.
- [PROMPT_INJECTION]: The skill includes URLs containing 'llms.txt' paths (e.g., in references/reference.md). These files are designed to provide instructions to Large Language Models and could be used to deliver indirect prompt injections if the agent attempts to retrieve and process their content.
Audit Metadata