r3f-setup
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent behavior or bypass safety constraints.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected.
- [Unverifiable Dependencies] (LOW): The skill references standard npm packages (@react-three/fiber, three, react). These are well-known libraries from the 'pmndrs' and Meta ecosystems.
- [Dynamic Execution] (LOW): The skill provides patch files for 'three' and 'detect-gpu' to address WebGPU and SSR compatibility. Technical analysis of the patch content confirms they are limited to adding null checks and package metadata, posing no security threat.
Audit Metadata