alayarenderer-generative-world

Warn

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill clones an external repository from https://github.com/ShandaAI/AlayaRenderer.git and downloads pre-trained model weights from HuggingFace users Brian9999/world_inverse_renderer and Brian9999/stylerenderer. These external sources are not part of the verified trusted vendor list.
  • [REMOTE_CODE_EXECUTION]: The instructions guide the agent to run Python scripts (run_inverse.py and inference_gbuffer_caption.py) that are part of the downloaded repository. Executing third-party code from unverified repositories carries an inherent risk of running malicious instructions.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to set up the environment, including git clone, conda create, and huggingface-cli. It also invokes Python scripts for the primary rendering tasks.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
    • Ingestion points: Untrusted data enters via the --prompt argument and the --input video path.
    • Boundary markers: None are present to delimit user input or warn the agent.
    • Capability inventory: The skill performs shell command execution and script execution.
    • Sanitization: No sanitization or validation of input prompts or video files is mentioned.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 8, 2026, 10:29 AM