blender
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill contains legitimate instructional content for 3D modeling, covering topics such as primitive-based modeling, quad-based topology, and non-destructive modifiers. The logic is consistent with its stated purpose of assisting in Blender operations.
- [EXTERNAL_DOWNLOADS]: The skill references the official Blender manual and a third-party GitHub repository for the Blender Model Context Protocol tool (
github.com/ahujasid/blender-mcp). These are documented as technical references for the agent to understand the modeling environment and do not involve automated installation or execution of remote scripts. - [COMMAND_EXECUTION]: The skill outlines a method for issuing commands to the Blender Python API via JSON-RPC 2.0. To mitigate risks associated with software automation, the instructions enforce a structured workflow with specific checkpoints and mandate that complex operations be divided into small, manageable steps.
- [PROMPT_INJECTION]: The skill processes user-supplied modeling requests (e.g., "make a character") which enter the agent's context. It manages this ingestion point by applying a rigid output format and a multi-stage modeling pipeline (primitive -> block -> subdivision), providing a structural boundary that limits the agent's actions to the specific domain of 3D modeling tasks. The inclusion of a pre-implementation checklist serves as a verification layer for the generated modeling plan.
Audit Metadata