modly-image-to-3d

Fail

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The application features an extension system that installs and executes Python code from arbitrary GitHub repositories. Specifically, the backend downloads repositories containing a 'generator.py' file which is then invoked by the local FastAPI server. This architecture allows for the execution of unverified third-party code on the user's machine.
  • [EXTERNAL_DOWNLOADS]: The installation instructions require cloning a repository from 'github.com/lightningpixel/modly' and downloading multiple dependencies through package managers such as npm and pip.
  • [COMMAND_EXECUTION]: The skill requires the execution of shell and batch scripts ('launcher.sh', 'launcher.bat') for installation and startup, and instructs the user to manually modify file permissions using 'chmod'.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 21, 2026, 04:38 AM