skills/smithery/ai/shadcn/Gen Agent Trust Hub

shadcn

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill documentation and usage pattern suggest running 'npx shadcn-ui@latest'. This command downloads and executes the latest CLI tool from the npm registry. While this is the official installation method for shadcn/ui, it introduces a dependency on external code that is fetched at runtime without version pinning.
  • [COMMAND_EXECUTION] (LOW): The skill requires 'Bash' and 'Write' permissions to install components and modify the project structure. These are high-privilege tools necessary for UI development but should be monitored for misuse in the context of broader agent instructions.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill operates on React and Next.js source code (Write/Edit/Bash). While it does not explicitly ingest untrusted data from APIs or web scraping in its definition, any agent using this skill to refactor code based on untrusted user input or PR descriptions faces a low-tier risk of instructions embedded in that code influencing the agent's behavior.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 09:36 AM