dart-get-widget-tree
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill provides a debugging interface to inspect the Flutter widget tree of a running application. It uses a standard MCP (Model Context Protocol) tool wrapper to communicate with a local Dart server.
- [NO_CODE]: The skill contains only configuration, instructions, and JSON schemas. It does not include any executable scripts, binary files, or external dependency installations.
- [SAFE]: Indirect Prompt Injection Analysis: 1. Ingestion points: The tool retrieves the widget hierarchy from an external running Flutter application. 2. Boundary markers: No explicit boundary markers or 'ignore' instructions are present in the prompt templates. 3. Capability inventory: The skill is limited to making JSON-based requests to a local 'dart' server ID. 4. Sanitization: No explicit sanitization of the widget tree content is performed. Although this is an ingestion surface for untrusted data, the tool's behavior is restricted to standard debugging activities and shows no signs of malicious intent.
Audit Metadata