shadcn-registry
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to download a project template from the official shadcn-ui GitHub repository using 'npx degit shadcn-ui/registry-template'. This is a well-known and trusted source for this specific developer toolset.
- [COMMAND_EXECUTION]: The skill guides the user to install and run the official 'shadcn' CLI package from npm ('npm install shadcn@latest'). These are standard operations for the tool's intended purpose and target well-known package registries.
- [DATA_EXPOSURE]: The documentation describes how to configure environment variables and authentication headers (e.g., '${INTERNAL_TOKEN}') for private registries. This is provided as configuration guidance for the user's environment and does not involve the skill itself exfiltrating or hardcoding sensitive credentials.
- [REMOTE_CODE_EXECUTION]: The skill mentions that components can depend on remote URLs (e.g., 'https://example.com/r/remote-dep.json'). While this represents a data ingestion surface common to the shadcn ecosystem, the skill provides neutral documentation of the feature without introducing malicious execution patterns.
Audit Metadata