shadcn-ui
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses the Bash tool to execute
npx,rm, and a local project script (../scripts/safe-start.sh). These operations are necessary for the primary purpose of managing UI components and restarting the development environment. - [EXTERNAL_DOWNLOADS] (SAFE): The skill invokes
npx shadcn@2.3.0, which downloads the ShadCN CLI from the official npm registry. This is a standard development practice for adding UI libraries. - [PROMPT_INJECTION] (SAFE): The skill interpolates user-provided component names into shell commands. While this creates a vulnerability surface for indirect prompt injection, it is essential for the skill's functionality and is considered safe within the context of developer-led component installation.
- Ingestion points:
{component}variable in the installation and deletion commands. - Boundary markers: Absent; the component name is directly interpolated.
- Capability inventory: File system modification (
rm), external package execution (npx), and local script execution. - Sanitization: Absent; the skill relies on the user providing valid component names.
Audit Metadata