blockbench-mcp-overview
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The documentation defines a
risky_evaltool specifically for executing code directly within the Blockbench application (e.g.,risky_eval: code="Cube.all.length"). This capability allows for dynamic execution of arbitrary logic. - [PROMPT_INJECTION] (LOW): The skill functions as an interface for processing external 3D model data, textures, and Hytale assets. This creates an indirect prompt injection surface where malicious instructions embedded in model metadata could potentially influence the code passed to the
risky_evaltool.
Audit Metadata