tapforce-shadcn-blocks

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): Use of 'pnpm dlx shadcn-svelte@latest' executes unverified code from the npm registry at runtime.
  • [PROMPT_INJECTION] (HIGH): The skill ingests data from an external URL (shadcn-svelte.com/blocks) and uses it to perform file operations and command execution. Evidence:
      1. Ingestion points: External website content.
      2. Boundary markers: None.
      3. Capability inventory: pnpm dlx command execution and file system move operations.
      4. Sanitization: None.
    This allows for indirect prompt injection where an attacker controlling the site could trigger malicious local actions.
  • [COMMAND_EXECUTION] (MEDIUM): Directs the agent to move files within the project structure based on external documentation instructions, posing a risk of unauthorized file overwrites.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:26 AM