ar-vr-design
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the user to execute 'arvr-cli', a third-party command-line utility. While necessary for the skill's functionality, the binary's provenance and safety are not established within the metadata.
- [DATA_EXFILTRATION]: The skill uses 'curl' to interact with 'api.openclaw.com'. This is a non-whitelisted external domain used to transmit model data and metadata via Authorization headers.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its data processing workflow.
  - Ingestion points: The skill imports and parses 3D model files in GLTF and OBJ formats from local storage or external sources.
  - Boundary markers: No delimiters or safety instructions are present to prevent the agent from interpreting instructions embedded within the 3D model metadata or geometry data.
  - Capability inventory: The skill can execute shell commands through the 'arvr-cli' and perform network operations using 'curl'.
  - Sanitization: There is no evidence of content validation or sanitization for the 3D assets before they are processed by the integrated tools.
Audit Metadata