blockbench-animation
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists solely of markdown documentation and tool definitions without any executable scripts or implementation code.
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive files, hardcoded credentials, or unauthorized network operations were detected.
- [Remote Code Execution] (SAFE): No patterns for downloading or executing remote scripts or packages are present.
- [Indirect Prompt Injection] (INFO): The skill defines an interface for processing user-supplied animation data (e.g., bone_name and keyframes in SKILL.md). Evidence: Ingestion points: create_animation, manage_keyframes; Boundary markers: Absent; Capability inventory: None (no subprocess, file-write, or network calls identified in content); Sanitization: Absent. The lack of execution capabilities renders this surface non-exploitable.
Audit Metadata