Sunday, November 04, 2007

Open Social - beware

Earlier, I used to think someone would have to crawl through social networking profile pages and collect information before they could attempt social engineering or identity theft, but with the announcement of OpenSocial that should be easier, since there are now APIs for accessing profile information. I haven't completely gone through the API docs, but from a glance I could see methods to access user profiles. The docs seem to cover the functionality and don't refer to any of the security challenges in OpenSocial. Does that mean there are no security concerns in OpenSocial? And what if someone develops a gadget using the OpenSocial APIs that has security flaws (say, XSS)? Will Google validate all the gadgets for common web application security flaws?
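To make the XSS worry concrete, here is an added example (not from the post, and not OpenSocial's own API) of a gadget rendering profile fields the unsafe way and the hardened way; the profile object shape and the hostile sample values are constructed stand-ins.

```javascript
// Added example: rendering social-profile fields inside a gadget without
// introducing the XSS the post worries about. The profile object shape is a
// constructed stand-in, not the real OpenSocial Person API.

// Escape the five characters that matter in HTML text and attribute values.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Only allow http(s) URLs in src/href; anything else (javascript:, data:) is dropped.
function safeUrl(value) {
  const s = String(value).trim();
  return /^https?:\/\//i.test(s) ? escapeHtml(s) : '';
}

// Unsafe: profile strings pasted straight into markup. Shown only for contrast.
function renderProfileUnsafe(p) {
  return '<div class="card"><img src="' + p.thumbnailUrl + '">' +
         '<h2>' + p.displayName + '</h2><p>' + p.aboutMe + '</p></div>';
}

// Hardened: every untrusted field passes through a context-appropriate escaper.
function renderProfileSafe(p) {
  const img = safeUrl(p.thumbnailUrl);
  return '<div class="card">' +
         (img ? '<img src="' + img + '">' : '') +
         '<h2>' + escapeHtml(p.displayName) + '</h2>' +
         '<p>' + escapeHtml(p.aboutMe) + '</p></div>';
}

// Constructed sample profile carrying script in both a text field and a URL field.
const hostileProfile = {
  displayName: 'Bob <script>alert(1)</script>',
  aboutMe: 'Click "here" & enjoy',
  thumbnailUrl: 'javascript:alert(1)',
};
```

The same rule applies whichever platform supplies the profile: treat every field another user controls as untrusted output, and escape for the context (text, attribute, URL) it lands in.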
