UI/UX Design Guide
PassAudited by ClawScan on May 1, 2026.
Overview
This is a benign UI/UX guidance skill; its only notable security consideration is optional npm setup commands users should run deliberately.
This skill appears safe as an instruction-only UI/UX reference. If you follow its project setup snippets, treat them like any npm-based scaffolding command: run them intentionally, in a clean project directory, and review the generated files before committing or deploying.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user runs these commands, external npm packages may create or modify project files and install dependencies.
These are user-facing setup examples that would retrieve and execute npm packages at their latest versions if run. This is purpose-aligned for setting up a Tailwind/Shadcn UI project, but users should recognize it as external package execution.
npx create-next-app@latest project-name --typescript --tailwind --app ... npx shadcn@latest init
Run the setup commands only in the intended project directory, review generated changes, and pin package versions if reproducibility or supply-chain control matters.