widgets-ui
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access attempts were detected. The skill's behavior aligns perfectly with its stated purpose of providing a declarative UI rendering system.
- [EXTERNAL_DOWNLOADS]: The skill references downloading component definitions from the vendor's registry using the command `npx shadcn@latest add https://ui.inference.sh/r/widgets.json`. This is a standard installation procedure for modern UI libraries and targets the vendor's own infrastructure.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection because it renders UI based on agent-generated JSON data. However, this is the intended primary purpose of the skill. The risk of phishing or misleading UI is inherent to generative UI systems and is mitigated here by the requirement for developers to manually implement action handlers (e.g., `onAction`) in their application code.
  - Ingestion points: The `WidgetRenderer` component accepts a `widget` prop containing structured JSON (SKILL.md).
  - Boundary markers: None explicitly defined in the JSON schema, which is typical for data-driven UI components.
  - Capability inventory: The skill can render interactive forms, buttons, and images, and capture user input via a callback function.
  - Sanitization: The skill assumes standard React escaping for text values; additional data validation is expected to be handled by the developer in the `onAction` callback.