creating-shapes
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (MEDIUM): The skill utilizes a 'build(code=...)' tool to execute dynamically generated Python scripts at runtime. This 'Script generation + execution' pattern is inherently risky as it relies on the robustness of the sandbox environment to prevent unauthorized actions or resource exhaustion during the building process.
- [PROMPT_INJECTION] (MEDIUM): The skill presents an Indirect Prompt Injection surface by transforming natural language parameters into executable Python logic. Evidence Chain: (1) Ingestion point: User-provided dimensions and geometry descriptions. (2) Boundary markers: No delimiters or explicit 'ignore instruction' warnings are present in the code generation examples. (3) Capability inventory: Python code execution via the 'build' tool and Minecraft command execution. (4) Sanitization: The skill relies on stated sandbox limits (blacklisting 'import', 'def', etc.) which may be bypassable through sophisticated injection techniques.
- [COMMAND_EXECUTION] (LOW): The skill generates and issues Minecraft console commands (e.g., '/setblock', '/sphere'). While this is functional, it constitutes an automated path for the agent to modify the environment state based on potentially untrusted input.
Audit Metadata