meshy-3d-generation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user for their API key and includes commands and scripts that embed that key verbatim (e.g., export/persist lines, curl verifications, and prints partial key values), meaning the agent may need to handle or output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and fetches arbitrary public URLs and user-generated assets (e.g., "image_url"/"image_urls" in the Image-to-3D and Multi-Image workflows, "model_url" in Remesh/Retexture, and the Enterprise "showcases" endpoint) as required inputs and downloads/inspects their outputs as part of the normal workflow, so untrusted third‑party content can influence generation and subsequent tool actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill does not request sudo or create users but it explicitly tells the agent to "bypass any system proxy settings" (SESSION.trust_env = False) and to persist API keys into shell profiles, which are instructions that alter the host environment and bypass a security mechanism, so it poses a moderate compromise risk.