modly-image-to-3d

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). These URLs point to common, mostly legitimate hosts (official site, GitHub, HuggingFace, Discord, localhost), but the workflow explicitly directs cloning/running GitHub repos, downloading releases/installers and loading model weights which can execute arbitrary code locally, so unvetted or typosquatted/third‑party repos/releases could readily be used to distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly installs and runs extensions from arbitrary GitHub repositories (see "Installing an extension (UI flow)" and the POST /extensions/install backend route) and downloads model files via public URLs listed in manifest.json (e.g., huggingface.co), meaning untrusted third‑party code and data are ingested and executed and can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Modly UI/installer fetches and installs arbitrary GitHub extension repositories at runtime (e.g. https://github.com/lightningpixel/modly-hunyuan3d-mini-extension), and those repos include/contain generator.py which is executed by the local app, meaning remote code from that URL is fetched and run.