game-3d-assets
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches 3D model binaries from well-known services and trusted organizations, including GitHub (mrdoob/three.js, KhronosGroup), Poly Haven, and Sketchfab. These assets are non-executable and used strictly for visual rendering.
- [CREDENTIALS_UNSAFE]: API keys for Meshy AI and Sketchfab are handled by requesting user input for storage in a local .env file. The skill includes specific instructions to redact these keys from conversation logs, adhering to safe secret management practices.
- [COMMAND_EXECUTION]: Employs local Node.js scripts for asset tasks such as model generation and optimization. These commands are typical for a development workflow and are restricted to the local environment.
Audit Metadata