skills/smithery/ai/shadcn-ui-expert/Gen Agent Trust Hub

shadcn-ui-expert

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The mandatory protocol to use bun x shadcn-ui@canary enables the download and execution of arbitrary code from the npm registry without prior manual review. This constitutes a direct RCE vector from an external, untrusted source.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill explicitly relies on the canary tag of the shadcn-ui CLI, which pulls unverified, pre-release code into the development environment that has not undergone stable release security checks.
  • [COMMAND_EXECUTION] (MEDIUM): The skill references external shell and TypeScript scripts (scripts/init-tailwind4.sh, scripts/sync-ui-themes.ts) for scaffolding and synchronization. These scripts were not provided in the analyzed context, and their security posture remains unverified.
  • [PROMPT_INJECTION] (HIGH): The skill is vulnerable to indirect injection.
      1. Ingestion: User UI requirements and design tokens.
      2. Boundary markers: Absent.
      3. Capability inventory: bun x (RCE) and local file-system modification.
      4. Sanitization: Absent.
    An adversarial prompt could manipulate the agent into executing malicious code via the provided CLI or scripts.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 09:55 AM