shadcn
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
npx shadcn@latestCLI to retrieve project context (via theinfocommand) and to search for or install UI components. This is a standard and intended use case for the tool within its primary purpose of design system management. - [EXTERNAL_DOWNLOADS]: The skill fetches component documentation, API references, and code examples from the official
ui.shadcn.comregistry and associated GitHub repositories. These sources are considered well-known and trusted technology services. - [REMOTE_CODE_EXECUTION]: By running
npx shadcn@latest, the skill executes code retrieved from the npm registry. This is the official distribution method for the tool and is performed to ensure the project uses the latest stable configuration and component templates. - [PROMPT_INJECTION]: The skill ingests external data from component documentation and community registries, which represents a surface for indirect prompt injection. To mitigate this risk, the skill explicitly instructs the agent to audit added files, verify imports, and use the CLI's
--dry-runand--diffflags to inspect upstream changes before applying them to the local project.
Audit Metadata