shadcn-tailwind

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Installation & CLI" section and references/components.md "Namespaced Registries" explicitly show CLI commands (e.g., npx shadcn add/view/search) and registry URLs like https://acme.com/r/{name}.json that fetch component metadata/code from community or public registries, so the agent would ingest untrusted third‑party content that can materially affect subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes runtime CLI commands (e.g., "npx shadcn@latest" / "pnpm dlx shadcn@latest") and example registries that the CLI will fetch at runtime (e.g., https://acme.com/r/{name}.json and https://registry.company.com/{name}), which means external HTTPS endpoints are contacted and remote packages/manifests are fetched and executed by the tooling—so these URLs are runtime external dependencies that can cause remote code execution.