Michael Howard and I have written up some guidance on how to develop secure Vista Sidebar Gadgets:

Inspect Your Gadget