shadcn-setup
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/setup.pyexecutes system commands viasubprocess.runto manage project dependencies and install UI components usingbunandbunx. These operations are transparent, hardcoded, and consistent with the skill's stated purpose of environment configuration. - [EXTERNAL_DOWNLOADS]: The skill triggers the installation of several well-known and official packages (e.g.,
tailwindcss,clsx,lucide-react) from public registries. These are legitimate resources required for the functionality of the targeted UI framework.
Audit Metadata