ant-to-shadcn-migration

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Flagged categories: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION

Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): Multiple files (e.g., rules/setup-shadcn-install.md, rules/setup-shadcn-mcp.md) instruct the agent to install numerous npm packages and run CLI tools. Since the shadcn-ui registry and various utility maintainers (TanStack, Lucide, etc.) are not on the specific 'Trusted Organizations' list, these are identified as unverifiable external downloads. Severity is dropped to MEDIUM for the final verdict as this is the core function of the migration skill.
  • REMOTE_CODE_EXECUTION (HIGH): The skill frequently uses the npx command to initialize and add components (e.g., npx shadcn-ui@latest init). This execution of remote scripts from non-whitelisted registries represents a high-risk pattern. Severity is dropped to MEDIUM for the final verdict as these tools are standard for the migration use case.
  • COMMAND_EXECUTION (HIGH): The rule rules/setup-shadcn-mcp.md directs the agent to execute commands that modify local workspace configuration files (.cursor/mcp.json) to enable MCP servers, which could be exploited to grant the agent persistent external capabilities.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to analyze existing source code, router configurations, and authentication logic (rules/layout-auth-discovery.md). This creates an ingestion surface where malicious instructions embedded in the processed project files could attempt to influence agent behavior.
      • Ingestion points: Project source code, router configs, and asset directories.
      • Boundary markers: Absent; the instructions do not specify delimiters for the code being analyzed.
      • Capability inventory: File system writes, package installations, and remote script execution.
      • Sanitization: Absent; the skill does not explicitly describe validation or sanitization of the project code it processes.
  • DYNAMIC_EXECUTION (LOW): The skill generates boilerplate React components and CSS layouts based on predefined templates (e.g., rules/components-pagination.md). This is a standard part of the migration process and poses minimal risk when using known static templates.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:26 PM