REVIEW 3 major objections 6 minor 44 references
Most safety-relevant content in public Scratch projects only appears after you run them, not from the project page.
Reviewed by Pith at T0; open to challenge. T0 means a machine referee read the full paper against a public rubric. the ladder, T0–T4 →
T0 review · grok-4.5
2026-07-12 00:33 UTC pith:AKTDUOLN
load-bearing objection Useful, carefully scoped audit showing that runtime depth matters for Scratch curation; the 93%/77% figures are honest characterizations of a biased seed set, not prevalence, and the main soft spot is unreproducible single-adjudicator labels. the 3 major comments →
Content Hidden Behind Execution: Analyzing Public Scratch Projects at Runtime
The pith
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
In a targeted audit of 500 public Scratch projects, the primary safety-relevant signal was not resolvable from static metadata for 467 projects (93%), and 387 projects (77%) required interaction, gameplay progression, failure states, or hidden-asset and code inspection. Metadata-only project-page review therefore leaves key evidence unresolved when Scratch projects are curated for classroom examples, student exploration, remix, or datasets.
What carries the argument
A runtime-aware annotation scheme that separates content category (multi-label C1–C9), risk level (0–4), evidence channel (E0–E6), reveal mechanism (M0–M8), and annotation confidence, plus a deepest-exploration-depth scale (D0–D4) that records whether the signal was visible from metadata or required execution, interaction, or code/asset inspection.
Load-bearing premise
The 93% and 77% depth figures rest on labels from an LLM-assisted first pass plus single lead-researcher checkpoint review of a deliberately oversampled sensitive seed set, without independent dual annotation.
What would settle it
Independently re-annotate a fresh sample of public Scratch projects drawn the same way, with dual human coders and the same D0–D4 depth scale; if most projects' primary safety-relevant signals become visible from metadata alone, the central runtime-depth claim fails for this curation setting.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper frames runtime-revealed sensitive content as a computing-education curation problem for public Scratch projects used as classroom examples, remix sources, open-exploration materials, and research data. It contributes a five-dimension annotation scheme (content category, risk level, evidence channel, reveal mechanism, confidence) with multi-label categories C1–C9, risk 0–4, evidence channels E0–E6, and reveal mechanisms M0–M8, plus an exploration-depth scale D0–D4. Using an LLM-assisted first-pass pipeline over a headless scratch-vm harness and single lead-researcher adjudication, the authors audit 500 deliberately oversampled public projects. Headline results (Table 6; §6.2): 467/500 (93%) required runtime exploration beyond static metadata, and 387/500 (77%) required interaction, gameplay progression, failure states, or hidden-asset/code inspection. The study is carefully scoped as characterization of reveal mechanisms in a selected corpus, not platform-wide prevalence.
Significance. If the depth and mechanism characterizations hold, the paper supplies a usable vocabulary and empirical motivation for runtime-aware classroom and dataset curation of executable youth media—an under-specified gap relative to metadata-mediated resource selection and static Scratch analysis. Strengths include: (i) explicit separation of category from risk and of evidence channel from reveal pathway; (ii) boundary rules that reduce over-labeling (stylized combat vs gore; advocacy vs targeted harm); (iii) honest non-prevalence scoping and ethics constraints; and (iv) concrete operational distinctions (D0–D4, M0–M8) that can inform screening-depth provenance and educator-facing tools. The contribution is primarily methodological and descriptive rather than causal or prevalence-estimating.
major comments (3)
- §5.2 and Table 6: The load-bearing 93% (D1–D4) and 77% (D3–D4) depth statistics rest on LLM first-pass labels adjudicated by a single lead researcher who also authored the codebook; the manuscript states that independent dual annotation remains future work and reports no inter-rater reliability, agreement rates, or subsample dual-coding. For a content-analysis claim that quantifies how often the primary safety-relevant signal is runtime-only, this is insufficient. At minimum, dual-code a stratified subsample (e.g., 50–100 projects) on exploration depth and primary reveal mechanism, report agreement (or adjudication protocol), and state how disagreements affect the headline percentages.
- §5.1–5.2 / reproducibility of Table 6: The audit screens ~1,458 candidates down to 500 and reports precise depth counts, but releases neither project IDs, annotation files, harness configuration (passive window, interaction timeline), nor LLM identity/prompts. Without these, the depth characterization cannot be independently checked, especially given deliberate oversampling via taxonomy keywords and high-density C6/C9 clusters. Provide a reproducibility package (IDs or stable project hashes, final labels, harness parameters) or a clear justification if platform terms prevent full release, with the strongest feasible substitute (e.g., redacted label tables + code).
- §5.2 pipeline validity: The multimodal LLM reviews three keyframes (start/middle/end) plus a structured trace; when frames are uninformative it falls back to metadata-only and lowers confidence. D3/D4 signals by definition often require interaction paths or hidden assets that three keyframes may miss or mis-locate. Clarify how the pipeline assigns deepest exploration depth when the LLM sees only partial traces, how human checkpoints correct depth (not only category) errors, and whether any systematic bias toward deeper depths was measured. Without this, the D3/D4 mass (189+198) is hard to interpret as a property of the corpus rather than of the review procedure.
minor comments (6)
- Table 6: M0 is reported for 407 projects while D0 is only 33; the multi-label nature of reveal mechanisms vs single deepest depth is easy to misread. Add one sentence in §6.2 explaining that M0 can co-occur with deeper mechanisms and is not equivalent to D0-only resolution.
- Table 6: M3 and M8 are 0 in this audit; either drop them from the main table to a scheme appendix or briefly justify retaining zero-count codes so readers do not treat absence as scheme failure.
- §4.2 / Table 2: Risk levels 0–4 are named but operational thresholds (what separates “mildly age-inappropriate” from “clearly inappropriate”) are thin. A short decision rule or example per level would improve reuse of the scheme.
- §6.1 Table 5: C4 and C5 each have only 2 projects; note that these cells are too sparse for distributional claims and are included only for scheme coverage.
- Related work: several self-citations are arXiv preprints dated 2025–2026; ensure they are necessary and that core claims do not depend on unpublished companion results.
- Abstract and §1: “runtime-revealed sensitive content” is defined clearly; keep the same hyphenation and wording consistently (the abstract uses quotes; the body sometimes drops them).
Circularity Check
No circular derivation: empirical audit counts from a deliberately oversampled corpus, not predictions forced by fitted inputs or self-citation chains.
full rationale
The paper is a scoped empirical characterization of reveal mechanisms in a 500-project seed set, not a first-principles derivation or predictive model. The headline 93%/77% figures (Table 6; §6.2) are direct counts of exploration-depth labels assigned under the authors' own annotation procedure; they are not obtained by fitting a parameter and then 'predicting' a related quantity, nor by defining depth in terms of the claimed result. Seed construction from prior taxonomy mapping, C1–C9 keyword terms, and cluster follow-up (§5.1, Table 4) is intentional stress-test sampling for scheme development, which the paper itself scopes against prevalence claims; that is selection design, not self-definitional circularity. Related-work self-citations (Scratch analysis/runtime tools) are background and do not load-bear the depth statistics. No uniqueness theorem, ansatz smuggled via citation, or renaming of a known result appears as a forced step. Reliability concerns (single-adjudicator LLM pipeline, no IRR, no released IDs) are validity issues outside the circularity patterns. Derivation chain is self-contained as an audit report of observed labels on the stated corpus.
Axiom & Free-Parameter Ledger
free parameters (3)
- Passive runtime window and fixed interaction timeline in scratch-vm harness =
Not numerically specified
- Risk scale 0–4 severity thresholds =
Ordinal 0–4
- Final corpus size N=500 after screening ~1458 candidates =
500 retained / ~1458 fetched
axioms (5)
- domain assumption Public Scratch projects function as learner-facing educational materials (examples, remix sources, open exploration, research data), so classroom/research curation must consider the executed experience.
- domain assumption Age-appropriateness judgments for interactive media require evidence of what users can encounter during play, not only surface metadata.
- ad hoc to paper A deliberately oversampled seed set of sensitive/borderline projects can characterize reveal mechanisms without estimating platform-wide prevalence.
- ad hoc to paper LLM first-pass annotations plus single lead-researcher checkpoint adjudication yield usable final labels for depth and category statistics.
- domain assumption Categories are multi-label and risk is separable from theme; stylized combat is not automatically high risk; harassment requires targeting.
invented entities (3)
-
Runtime-revealed sensitive content
no independent evidence
-
Five-dimension runtime-aware annotation scheme (category, risk, evidence channel, reveal mechanism, confidence)
no independent evidence
-
Exploration depth scale D0–D4
no independent evidence
read the original abstract
Public Scratch projects are reused in computing education as classroom examples, remix sources, open-exploration materials, and research data. Curation often begins with titles, thumbnails, descriptions, tags, and remix links, but Scratch projects are executable learning artifacts. Content affecting age appropriateness can appear only after execution, gameplay progression, a failure state, user interaction, costume switching, audio playback, or a hidden event trigger. We study "runtime-revealed sensitive content" as a computing education curation challenge: educators and researchers need runtime evidence about what students may encounter when Scratch projects are used in these settings. We introduce a runtime-aware annotation scheme that separates content category, risk level, evidence channel, reveal mechanism, and annotation confidence. Using this scheme, we conducted an audit of 500 public Scratch projects sampled from curated candidates, taxonomy-guided keyword search, and follow-up exploration of project clusters surfaced during review. In this audit, 467 of 500 projects (93%) required runtime exploration beyond static metadata to surface the safety-relevant signal; 387 (77%) required interaction, gameplay progression, failure states, or hidden-asset and code inspection. As a targeted classroom and research curation audit, the study characterizes reveal mechanisms in a selected corpus rather than estimating platform-wide prevalence or making platform-level safety claims. The results show metadata-only screening leaves key evidence unresolved in executable youth media. By separating content type, severity, evidence location, and reveal pathway, this work supports classroom project selection, student exploration practices, dataset construction, and educator-facing screening tools for block-based programming communities.
Reference graph
Works this paper leans on
-
[1]
Schunn, and Richard J
Samuel Abramovich, Christian D. Schunn, and Richard J. Correnti. 2013. The Role of Evaluative Metadata in an Online Teacher Resource Exchange.Educational Technology Research and Development61, 6 (2013), 863–883. https://doi.org/10. 1007/s11423-013-9317-2
2013
-
[2]
Elizaveta Artser, Daniil Karol, Anna Potriasaeva, Aleksei Rostovskii, Katsiaryna Dzialets, Ekaterina Koshchenko, Xiaotian Su, April Yi Wang, and Anastasiia Birillo. 2026. Enhancing Debugging Skills with AI-Powered Assistance: A Real- Time Tool for Debugging Support. https://doi.org/10.48550/arXiv.2601.02504 arXiv:2601.02504 [cs.SE]
-
[3]
Brigid J. S. Barron, Daniel L. Schwartz, Nancy J. Vye, Allison Moore, Anthony Petrosino, Linda Zech, and John D. Bransford. 1998. Doing with Understanding: Lessons from Research on Problem- and Project-Based Learning.The Journal of the Learning Sciences7, 3–4 (1998), 271–311. https://doi.org/10.1080/10508406. 1998.9672056
-
[4]
Basically Games. 2025. Baldi’s Basics® Classic. https://play.google.com/store/ apps/details?id=com.BasicallyGames.BaldisBasicsClassic. Accessed: 2026-06-25
2025
-
[5]
Anastasiia Birillo, Elizaveta Artser, Anna Potriasaeva, Ilya Vlasov, Katsiaryna Dzialets, Yaroslav Golubev, Igor Gerasimov, Hieke Keuning, and Timofey Bryksin
-
[6]
One Step at a Time: Combining LLMs and Static Analysis to Generate Next-Step Hints for Programming Tasks. InProceedings of the 24th Koli Calling International Conference on Computing Education Research (Koli Calling ’24). Association for Computing Machinery, New York, NY, USA, Article 9, 12 pages. https://doi.org/10.1145/3699538.3699556
-
[7]
Blumenfeld, Elliot Soloway, Ronald W
Phyllis C. Blumenfeld, Elliot Soloway, Ronald W. Marx, Joseph S. Krajcik, Mark Guzdial, and Annemarie Palincsar. 1991. Motivating Project-Based Learning: Sustaining the Doing, Supporting the Learning.Educational Psychologist26, 3–4 (1991), 369–398. https://doi.org/10.1080/00461520.1991.9653139
-
[8]
Karen Brennan and Mitchel Resnick. 2012. New Frameworks for Studying and Assessing the Development of Computational Thinking. Paper presented at the annual meeting of the American Educational Research Association, Vancouver, BC, Canada. https://scratched.gse.harvard.edu/ct/files/AERA2012.pdf
2012
-
[9]
Ruijia Cheng, Sayamindu Dasgupta, and Benjamin Mako Hill. 2022. How Interest- Driven Content Creation Shapes Opportunities for Informal Learning in Scratch: Content Hidden Behind Execution: Analyzing Public Scratch Projects at Runtime A Case Study on Novices’ Use of Data Structures. InProceedings of the 2022 CHI Conference on Human Factors in Computing Sy...
-
[10]
Sarah Currier, Jane Barton, Rónán O’Beirne, and Ben Ryan. 2004. Qual- ity Assurance for Digital Learning Object Repositories: Issues for the Meta- data Creation Process.Research in Learning Technology12, 1 (2004), 5–20. https://doi.org/10.3402/rlt.v12i1.11223
-
[11]
Sayamindu Dasgupta, William Hale, Andrés Monroy-Hernández, and Ben- jamin Mako Hill. 2016. Remixing as a Pathway to Computational Thinking. InProceedings of the 19th ACM Conference on Computer-Supported Cooperative Work & Social Computing (CSCW ’16). Association for Computing Machinery, New York, NY, USA, 1438–1449. https://doi.org/10.1145/2818048.2819984
-
[12]
Adina Deiner and Gordon Fraser. 2024. NuzzleBug: Debugging Block-Based Programs in Scratch. InProceedings of the IEEE/ACM 46th International Conference on Software Engineering(Lisbon, Portugal)(ICSE ’24). Association for Computing Machinery, New York, NY, USA, Article 22, 13 pages. https://doi.org/10.1145/ 3597503.3623331
arXiv 2024
-
[13]
Entertainment Software Rating Board. 2026. ESRB Ratings Guides, Categories, Content Descriptors. https://www.esrb.org/ratings-guide/. Accessed: 2026-05-10
2026
-
[14]
Entertainment Software Rating Board. 2026. ESRB Ratings Process for Phys- ical and Digital Video Games. https://www.esrb.org/ratings/ratings-process/. Accessed: 2026-06-13
2026
-
[15]
Entertainment Software Rating Board. 2026. Five Nights at Freddy’s: Core Collection. https://www.esrb.org/ratings/37379/five-nights-at-freddys-core- collection/. Accessed: 2026-06-25
2026
-
[16]
Patric Feldmeier, Gordon Fraser, Ute Heuer, Florian Obermüller, and Siegfried Steckenbiller. 2024. A Block-Based Testing Framework for Scratch. InProceedings of the 24th Koli Calling International Conference on Computing Education Research (Koli Calling ’24). Association for Computing Machinery, New York, NY, USA, Article 1, 12 pages. https://doi.org/10.1...
-
[17]
Gordon Fraser, Ute Heuer, Nina Körber, Florian Obermüller, and Ewald Was- meier. 2021. LitterBox: A Linter for Scratch Programs. In2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering Educa- tion and Training (ICSE-SEET). IEEE, Piscataway, NJ, USA, 183–188. https: //doi.org/10.1109/ICSE-SEET52601.2021.00028
-
[18]
2018.Custodians of the Internet: Platforms, Content Moderation, and the Hidden Decisions That Shape Social Media
Tarleton Gillespie. 2018.Custodians of the Internet: Platforms, Content Moderation, and the Hidden Decisions That Shape Social Media. Yale University Press, New Haven, CT, USA
2018
-
[19]
Jialiang Gu, Keren Zhou, Daming Li, Hanyuan Shi, and Jialu Zhang. 2026. Context- Aware Feedback Compression in Online Judge Programming with LLMs. In Companion Proceedings of the 34th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE Companion ’26)(Montreal, QC, Canada). Association for Comput...
-
[20]
Benjamin Mako Hill and Andrés Monroy-Hernández. 2017. A Longitudinal Dataset of Five Years of Public Activity in the Scratch Online Community.Scien- tific Data4, 1, Article 170002 (2017), 14 pages. https://doi.org/10.1038/sdata.2017.2
-
[21]
Robin Hunicke, Marc LeBlanc, and Robert Zubek. 2004. MDA: A Formal Approach to Game Design and Game Research. InProceedings of the AAAI Workshop on Challenges in Game AI. AAAI Press, San Jose, CA, USA, 6 pages
2004
-
[22]
Donglin Li, Daming Li, Hanyuan Shi, and Jialu Zhang. 2026. Raven: Rethinking Automated Assessment for Scratch Programs via Video-Grounded Evaluation. arXiv:2604.17820 [cs.SE]. https://doi.org/10.48550/arXiv.2604.17820
-
[23]
Yufeng Lin and Jialu Zhang. 2026. ScratchWorld: Evaluating If World Models Compute Executable Consequences. arXiv:2606.31689 [cs.SE]. https://doi.org/ 10.48550/arXiv.2606.31689
-
[24]
Sonia Livingstone and Peter K. Smith. 2014. Annual Research Review: Harms Experienced by Child Users of Online and Mobile Technologies: The Nature, Prevalence and Management of Sexual and Aggressive Risks in the Digital Age. Journal of Child Psychology and Psychiatry55, 6 (2014), 635–654. https://doi.org/ 10.1111/jcpp.12197
-
[25]
2021.The 4Cs: Classifying Online Risk to Children
Sonia Livingstone and Mariya Stoilova. 2021.The 4Cs: Classifying Online Risk to Children. Technical Report. CO:RE – Children Online: Research and Evidence. https://www.ssoar.info/ssoar/handle/document/71817
2021
-
[26]
Pan European Game Information. 2026. PEGI Age Ratings. https://pegi.info/ page/pegi-age-ratings. Accessed: 2026-05-10
2026
-
[27]
1980.Mindstorms: Children, Computers, and Powerful Ideas
Seymour Papert. 1980.Mindstorms: Children, Computers, and Powerful Ideas. Basic Books, New York, NY, USA
1980
-
[28]
2017.Lifelong Kindergarten: Cultivating Creativity through Projects, Passion, Peers, and Play
Mitchel Resnick. 2017.Lifelong Kindergarten: Cultivating Creativity through Projects, Passion, Peers, and Play. MIT Press, Cambridge, MA, USA
2017
-
[29]
Mitchel Resnick, John Maloney, Andrés Monroy-Hernández, Natalie Rusk, Evelyn Eastmond, Karen Brennan, Amon Millner, Eric Rosenbaum, Jay Silver, Brian Silverman, and Yasmin Kafai. 2009. Scratch: programming for all.Commun. ACM 52, 11 (Nov. 2009), 60–67. https://doi.org/10.1145/1592761.1592779
-
[30]
Scratch Foundation. 2026. Scratch – Imagine, Program, Share. https://scratch. mit.edu/. Accessed: 2026-05-10
2026
-
[31]
Scratch Foundation. 2026. Scratch Community Guidelines. https://scratch.mit. edu/community_guidelines/. Accessed: 2026-06-13
2026
-
[32]
Scratch Foundation. 2026. Scratch Community Guidelines, Digital Citizen- ship. https://scratchfoundation.org/learn/learning-library/scratch-community- guidelines-digital-citizenship. Accessed: 2026-06-13
2026
-
[33]
Scratch Foundation. 2026. scratch-vm: Virtual Machine for Scratch 3.0. https: //github.com/scratchfoundation/scratch-vm. Accessed: 2026-05-10
2026
-
[34]
Yuan Si, Simeng Han, Daming Li, Hanyuan Shi, and Jialu Zhang. 2026. ScratchEval: A Multimodal Evaluation Framework for LLMs in Block-Based Pro- gramming. arXiv:2602.00757 [cs.SE]. https://doi.org/10.48550/arXiv.2602.00757
-
[35]
Yuan Si, Daming Li, Hanyuan Shi, and Jialu Zhang. 2025. ViScratch: Using Large Language Models and Gameplay Videos for Automated Feedback in Scratch. arXiv:2509.11065 [cs.SE]. https://doi.org/10.48550/arXiv.2509.11065
-
[36]
Yuan Si, Kyle Qi, Daming Li, Hanyuan Shi, and Jialu Zhang. 2025. Stitch: Step- by-step LLM Guided Tutoring for Scratch. arXiv:2510.26634 [cs.SE]. https: //doi.org/10.48550/arXiv.2510.26634
-
[37]
Yuan Si, Ming Wang, Daming Li, Hanyuan Shi, and Jialu Zhang. 2026. Eco- Scratch: Cost-Effective Multimodal Repair for Scratch Using Execution Feedback. arXiv:2603.29624 [cs.SE]. https://doi.org/10.48550/arXiv.2603.29624
-
[38]
Yuan Si and Jialu Zhang. 2026. Certificate-Carrying Transformation of Event- Driven Block Programs. arXiv:2607.00563 [cs.PL]
Pith/arXiv arXiv 2026
-
[39]
Yuan Si and Jialu Zhang. 2026. Checked Program Recovery from Execution Video: A Sound Oracle for Untrusted Generators. arXiv:2607.00635 [cs.SE]
Pith/arXiv arXiv 2026
-
[40]
Yuan Si and Jialu Zhang. 2026. SchedCheck: Schedule-Robustness Analysis for Event-Driven Block Programs. arXiv:2607.00623 [cs.SE]
Pith/arXiv arXiv 2026
-
[41]
Yuan Si and Jialu Zhang. 2026. ScratchLens: Lens-Parametric Behavioral Equiva- lence for Scratch Programs. arXiv:2606.15817 [cs.PL]
Pith/arXiv arXiv 2026
-
[42]
Pamela Wisniewski, Arup Kumar Ghosh, Heng Xu, Mary Beth Rosson, and John M. Carroll. 2017. Parental Control vs. Teen Self-Regulation: Is There a Middle Ground for Mobile Online Safety?. InProceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW ’17). Association for Computing Machinery, New York, NY, USA, 51...
-
[43]
Kolesar, Ruzica Piskac, Daming Li, and Hanyuan Shi
Jialu Zhang, Jialiang Gu, Wangmeiyu Zhang, José Pablo Cambronero, John C. Kolesar, Ruzica Piskac, Daming Li, and Hanyuan Shi. 2025. A Systematic Study of Time Limit Exceeded Errors in Online Programming Assignments. arXiv:2510.14339 [cs.SE]. https://doi.org/10.48550/arXiv.2510.14339
-
[44]
Zinan Zhang, Xinning Gui, Junnan Yu, Sunny Bai, and Yubo Kou. 2025. Dangerous Playgrounds: Child Players’ Encounters with Design-Mediated Risks on User Generated Game Platforms and Their Safety Practices. InProceedings of the 24th Annual ACM Interaction Design and Children Conference (IDC ’25). Association for Computing Machinery, New York, NY, USA, 296–3...
arXiv 2025
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.