My avatar is showing Security checks failed

One
One
  • Updated

We are running checks on avatars on the server side to ensure that the avatars you run in-app run as smoothly as possible. One of the major things we look to tackle with these checks is malicious avatars on the platform.

  • If an avatar fails these checks, it will not load in:
    1. Within the nameplate, it will display the message "Security checks failed"
    2. Within the Avatar Menu, the thumbnail will be greyed out and contain an "X" in the top right
    3. With the avatar selected in the Avatar Menu, you will be prevented from switching to it with the message "Security checks failed"
  • If an avatar has not yet been scanned, its thumbnail in the Avatar Menu will contain a "?" in the top right.
Failed security checks Not yet scanned

If your avatar has failed these and you believe it is in error, we recommend checking for the following:

  1. Use the latest version of the VRChat SDK from the Creator Companion.
  2. Make sure that none of the packages or tools you use in your project modify your avatar in an unusual way upon upload. Consider uploading a test version of your avatar without them in your project for troubleshooting purposes.

In some cases, it might be an optimization issue. While we want to allow freedom, at a point, your avatar will start to severely impact the performance of others. As such, there are very high hard limits in place. We hope to communicate some of these hard limits better in the SDK in the future. Below is an example of what you might currently see in Validations. They might not be shown to you if you are on an older version of the SDK.

We commonly see creators have their avatars fail due to high memory usage. Please take a look at our Creator Documentation to learn about optimizing your avatar and the tools available for it. Other content creation resources are also listed in How do I create an Avatar or World?

If you've tried all this and things are still failing, please create a support ticket with details, including the avatar ID for the affected avatar. However, we will not be overriding failed security checks for individual avatars. Conversely, if you have found a malicious avatar, please report it to the Moderation Team.