usd-editor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill guides the agent in using standard USD command-line utilities (usdcat, usdchecker, usdrecord, etc.) to perform file manipulation and inspection. These tools are used for their intended purpose and do not involve suspicious execution patterns.
- [Indirect Prompt Injection] (SAFE): The skill provides a surface for processing external USD-compatible files which could contain untrusted data. However, the skill leverages validation tools and does not pass data into high-risk sinks.
- Ingestion points: Input file paths for USD CLI tools specified in references/usdcat.md, references/usdchecker.md, and other tool guides.
- Boundary markers: None identified in the instructional content.
- Capability inventory: Subprocess execution of the local USD tool suite for rendering, conversion, and validation.
- Sanitization: Relies on the built-in validation and parsing logic of the OpenUSD library and utilities like usdchecker.
- [Data Exposure & Exfiltration] (SAFE): There are no hardcoded credentials, sensitive file path accesses, or unauthorized network communication patterns identified in the skill content.
Audit Metadata