3d-web-experience
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWEXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill provides instructions for installing the
@gltf-transform/clipackage via npm and references other standard frontend libraries such as@react-three/fiberandgsap. These are well-established tools in the 3D development ecosystem. - INDIRECT_PROMPT_INJECTION (LOW): The skill defines patterns for ingesting external 3D data (GLB/GLTF models and Spline scenes). 1. Ingestion point: asset loading via
useGLTFand Spline URLs. 2. Boundary markers: None present in code snippets. 3. Capability inventory: Shell command execution for model optimization (gltf-transform). 4. Sanitization: None. This is a standard functional requirement for 3D development with low risk of agent compromise.
Audit Metadata