Skills
skills/vibe-motion/skills/threejs-earth-render/Gen Agent Trust Hub

threejs-earth-render

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads source code from the author's GitHub repository (https://github.com/vibe-motion/threejs-earth.git) to render the Earth animation.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically creates a package.json file to install the puppeteer library via npm and then executes a local JavaScript file using node to perform browser-based frame capture.
  • [COMMAND_EXECUTION]: The Python script invokes several system commands (git, npm, node, ffmpeg) using subprocess.run. These calls are necessary for the skill's workflow and use argument lists rather than shell strings, reducing injection risks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:55 AM
Security Audit — agent-trust-hub — threejs-earth-render