Skills
skills/nonlooped/roblox-suite/roblox-open-cloud/Gen Agent Trust Hub

roblox-open-cloud

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses official Roblox domains (roblox.com, apis.roblox.com, create.roblox.com) for all API interactions and documentation references. These are well-known, trusted services.
  • [SAFE]: Authentication practices described and implemented in the OpenCloudRequest.lua script follow the 'Secrets Store' pattern. It explicitly retrieves the API key using HttpService:GetSecret, which is the standard and safe method for credential management in the Roblox environment, preventing hardcoded secrets and accidental exposure.
  • [SAFE]: The documentation provides extensive security checklists, including minimum-permission scopes, IP restrictions, and key rotation, which help developers maintain a secure environment.
  • [SAFE]: No obfuscation, prompt injection attempts, or unauthorized external data exfiltration patterns were detected in the instructions or scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 12:39 AM
Security Audit — agent-trust-hub — roblox-open-cloud