shadcn-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill exposes the agent to untrusted third-party content because its runtime commands (e.g., list_components, get_component, get_component_demo, get_block and the npx shadcn@latest add flow) fetch component source code, demos and registry items from the Registry Directory or custom registries (external/public registries) that the agent is expected to read and integrate.