react-three-game
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The analyzed files consist of technical documentation and rules for using a 3D scene library. No indicators of prompt injection, data exfiltration, or unauthorized command execution were found.
- [PROMPT_INJECTION]: No instructions attempting to bypass safety filters or override agent behavior were identified.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected.
- [REMOTE_CODE_EXECUTION]: The skill does not contain patterns for downloading or executing remote code from untrusted sources.
- [SAFE]: Analysis of potential Indirect Prompt Injection attack surface (Category 8): Ingestion points for untrusted data were identified in the prefab JSON loading functionality of PrefabRoot and PrefabEditor; however, the skill's capabilities are restricted to 3D rendering and asset management. There is no evidence of command execution, file system access, or network exfiltration being exposed to this data. Input is constrained by TypeScript interface definitions.
Audit Metadata