three-js
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious patterns, obfuscation, or unauthorized access attempts were found. The skill is limited to providing instructional guidelines for software development.
- Indirect Prompt Injection (INFO): The skill is designed to process user requirements to generate code. While it contains no exploitable capabilities such as file system access or network operations within this specific instruction set, it remains a surface for indirect injection if used alongside other tools with side effects.
- Dependency Analysis (SAFE): The skill mentions 'drei', 'Three.js', 'React Three Fiber', and 'Next UI', which are well-known and standard libraries in the web development ecosystem.
Audit Metadata