Skill Detail

shadcn/ui

This skill provides UI components and design systems. It adds components as source code to your project using a command-line interface.

GitHub:sickn33/antigravity-awesome-skills shadcn
version dba769011b52
static analysis only
no human review yet
Use Caution

Current public label

Use Caution

The skill's documentation mentions secrets and external endpoints, which suggests it might handle sensitive information or interact with external services.

This label is currently coming from the automated scorecard.

Automated result

Use Caution

The scan found low-severity documentation-style references to secrets and external endpoints.

4 low Final label: use caution.

Human review

No human review has been recorded yet.

The current public label is still relying on automation. A human has not weighed in yet.

What happened

Driftloom completed a static scan. It inspected the skill files, recorded findings, and generated a scorecard.

Runtime evidence

No sandbox runtime result has been recorded yet.

Driftloom currently recommends runtime testing for this version (priority 40).

What did not happen

  • Driftloom did not run this skill in an isolated sandbox yet.
  • This label is not a guarantee that the skill is safe, bug-free, or appropriate for every environment.
  • A good score does not replace human judgment when a skill touches secrets, shell access, or external systems.

Source provenance

Source: Workspace import

Originally ingested from a local workspace copy.

Scorecard

Safety
82
Quality
100
Transparency
94
Operational
92
Maintenance
82

4 low Final label: use caution.

Severity mix: 4 low

What Driftloom checked

  • Read the skill files and metadata to understand what the skill claims to do.
  • Looked for shell commands and risky command patterns, even if none stood out strongly.
  • Looked for external URLs, network calls, and signs the skill reaches outside the machine.
  • Looked for secret, token, password, and credential references.
  • Checked whether the skill structure and references looked internally consistent.

Findings

Secret or credential reference detected
secret.reference · safety
Low

The docs mention credentials or secrets. That may be normal, but it still tells you the skill expects sensitive material somewhere in the workflow.

File: rules/composition.md
Evidence: password
Secret or credential reference detected
secret.reference · safety
Low

The docs mention credentials or secrets. That may be normal, but it still tells you the skill expects sensitive material somewhere in the workflow.

File: rules/forms.md
Evidence: password
Secret or credential reference detected
secret.reference · safety
Low

The docs mention credentials or secrets. That may be normal, but it still tells you the skill expects sensitive material somewhere in the workflow.

File: rules/styling.md
Evidence: token
Explicit external endpoint reference detected
network.url_reference · transparency
Low

The docs reference an external endpoint or network flow in a context that likely matters to how the skill operates.

File: cli.md
Evidence: https://api.npoint.io/abc123
Driftloom is following the boring, correct architecture: Django control plane first, isolated runner later. Miraculously, restraint survives.