hytale-pack-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure] (LOW): The script
scripts/init_pack.pyaccesses the Windows%AppData%environment variable to locate the default Hytale user data folder. This is a standard procedure for gaming-related modding tools to ensure assets are placed in the correct directory for the application to load them. - [Command Execution] (LOW): The inclusion of a Python script is for local file system management (creating directories and boilerplate JSON files). The script relies exclusively on Python's built-in libraries (
os,sys,json,pathlib) and does not perform any network operations, external downloads, or shell execution of untrusted commands. - [Indirect Prompt Injection] (LOW): The skill has a minimal attack surface for indirect injection. While it processes user-provided inputs like Pack Name and Author to generate files, the impact is limited to local file creation. The script includes a check to prevent overwriting existing directories.
Audit Metadata