shadcn
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- External Component Ingestion: The skill describes workflows for importing component source code from remote URLs (e.g., from elements.ai-sdk.dev). This capability represents an ingestion point where external data enters the project context (SKILL.md) and can influence the local codebase. While the referenced registries are trusted, this pattern is a known surface for indirect prompt injection.
- CLI Command Execution: The skill utilizes npx to execute the shadcn CLI and create-next-app for project initialization and component management. These commands are standard for the shadcn/ui ecosystem and are used to manage local project structure and dependencies.
- Environment Variable Usage: The configuration examples include the use of placeholders like ${REGISTRY_TOKEN} for authorization headers. This follows best practices for managing credentials via environment variables rather than hardcoding sensitive information.
Audit Metadata