component-search
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches component metadata and source code from 21st.dev. This is a legitimate service for React developers and is required for the search functionality.
- [SAFE]: Reads the local
package.jsonfile to identify the project's framework and styling context, ensuring that recommended components are compatible with the existing environment. - [PROMPT_INJECTION]: Ingests external data from the 21st.dev registry. While this creates a surface for indirect prompt injection, the skill acts as a delivery mechanism for information and does not possess capabilities for autonomous command execution.
Audit Metadata