makepad-widgets
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill contains a fallback instruction to suggest the command
/sync-crate-skills makepad --forceto the user if local reference files are missing. This appears to be a specific internal tool command for the environment rather than a shell-level exploit. - [EXTERNAL_DOWNLOADS] (SAFE): References to
crates.io/crates/makepad-widgetsare used for checking updates. Crates.io is the official, trusted package registry for the Rust programming language. - [DATA_EXFILTRATION] (SAFE): No network operations or access to sensitive system paths (like credentials or SSH keys) were found. Resource paths use the standard
crate://self/protocol expected in the Makepad framework. - [PROMPT_INJECTION] (SAFE): No patterns for bypassing safety filters, disregarding previous instructions, or extracting system prompts were observed. The instructions are focused on providing accurate technical assistance.
Audit Metadata