widgets-ui
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npx shadcn@latest add https://ui.inference.sh/r/widgets.jsonto install UI components. This is a standard practice for shadcn/ui components and the source domain (inference.sh) belongs to the service provider described in the skill. This does not escalate the verdict per the trust-scope-rule for well-known services. - [COMMAND_EXECUTION]: Provides instructions for users to run
npx skills addto install related tools. These are informational commands for the developer to use, and not automated malicious execution. - [DATA_EXFILTRATION]: No patterns of sensitive data access or exfiltration were detected. The image components and documentation links point to the vendor's primary infrastructure.
Audit Metadata