Back to skill

Security audit

rodin3d-skill

Security checks across malware telemetry and agentic risk

Overview

The skill appears to generate 3D models as advertised, but its API-key handling and dependency/download safety issues need review before installation.

Install only after review. Use your own Hyper3D key, prefer HYPER3D_API_KEY over command-line flags, do not use the shared fallback key, and do not submit confidential images or prompts unless third-party Hyper3D processing is acceptable. Run it in a virtual environment with pinned current dependencies and download outputs into a dedicated empty directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill clearly relies on environment variables and external network access, but the documentation does not declare those capabilities or permissions. That omission can prevent proper user consent and security review, especially since user images, prompts, and API credentials are involved.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The script prints a partially masked API key to the console, which still discloses secret material and can aid credential identification, correlation, or shoulder-surfing/log leakage. In CI logs, terminal recordings, or shared consoles, even partial secret exposure is unnecessary and increases the chance of accidental compromise.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The guide repeatedly recommends passing the API key via --api-key on the command line, which exposes secrets through shell history, process listings, logs, and automation traces. This is especially risky in shared systems, CI environments, or agent frameworks that record executed commands.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The description says the skill converts images or prompts to 3D models via an API, but it does not clearly warn that user-supplied images and prompts are transmitted to a third-party service. That weakens informed consent and may lead to accidental disclosure of sensitive content to an external provider.

Ssd 3

Medium
Confidence
99% confidence
Finding
The documentation instructs users to fall back to a shared/free API key value ("vibecoding") when no personal key is set. Shared credentials encourage insecure practices, can leak into histories and workflows, blur accountability, and may expose users to abuse, revoked access, or unintended charges/usage constraints.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
Pillow
Confidence
97% confidence
Finding
requests

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests
Pillow
Confidence
98% confidence
Finding
Pillow

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
95% confidence
Finding
requests

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
99% confidence
Finding
Pillow

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.