3d-modeling
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface related to processing external assets.
  - Ingestion points: Imports external files using 'bpy.ops.import_scene.obj' and the Blender CLI for '.blend' files.
  - Boundary markers: Script examples do not include delimiters or instructions for the agent to ignore embedded commands in imported data.
  - Capability inventory: The environment provides access to the full Blender Python API ('bpy') and subprocess execution.
  - Sanitization: No explicit sanitization or validation of imported 3D asset content is performed in the provided examples.
- [COMMAND_EXECUTION]: Provides patterns for running Blender in background mode and executing Python scripts via the CLI for automation.
- [EXTERNAL_DOWNLOADS]: References the installation of the 'bpy' package via pip, which is a standard library for Blender integration.
Audit Metadata