spectacles-connected-lenses
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides technical documentation and code samples for official Snapchat developer tools including ConnectedLensesModule, LensCloud, and SpectaclesSyncKit. No malicious patterns, obfuscation, or unauthorized data access techniques were identified.
- [PROMPT_INJECTION]: The skill describes networking APIs that ingest data from other users, which technically presents a surface for indirect prompt injection. However, the documentation proactively addresses this by teaching developers how to implement robust validation logic.
- Ingestion points: Data is ingested via
RealtimeStore.onValueChanged(SKILL.md) andNetworkEventSystem.on(references/sync-kit-components.md). - Boundary markers: Not applicable to this type of API reference.
- Capability inventory: Capability is limited to updating local game states, UI elements, and physics object transforms within the AR environment.
- Sanitization: The skill provides explicit examples of input validation, checking data types with
typeofand ensuring numeric values are within safe ranges usingisFiniteand bounds checks.
Audit Metadata