physics-rendering-expert
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: A comprehensive audit of the skill's instructions and reference files reveals no evidence of malicious behavior. The code implementations for PBD, Verlet integration, and quaternion mathematics are technically accurate and serve the skill's stated purpose without hidden functionality.\n- [PROMPT_INJECTION]: The skill presents a theoretical surface for indirect prompt injection due to the inclusion of web-based tools (firecrawl, WebFetch) alongside powerful execution tools (Bash). However, the skill contains no instructions that would trigger the execution of untrusted external content, and no specific injection vectors were detected.\n
- Ingestion points: The agent can fetch data from external sources using 'mcp__firecrawl__firecrawl_search' and 'WebFetch'.\n
- Boundary markers: The skill does not explicitly define markers to segregate or ignore instructions within fetched data.\n
- Capability inventory: The agent has access to 'Bash', 'Write', and 'Edit' tools, which are high-capability.\n
- Sanitization: No explicit sanitization or validation of data retrieved from the web is defined in the skill logic.
Audit Metadata