epic-design
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches reputable animation and scrolling libraries (GSAP, Lenis) from the well-known jsDelivr CDN. These downloads are standard for modern web development and target official package distributions.
- [COMMAND_EXECUTION]: Instructs the agent to execute local Python (
scripts/inspect-assets.py) and Node.js (scripts/validate-layers.js) scripts. These scripts are used for auditing image assets and validating the structural integrity of generated HTML, respectively. Both operate locally without network access or unsafe privilege requirements. - [SAFE]: The skill incorporates robust accessibility requirements, such as enforcing 'prefers-reduced-motion' support and proper ARIA attributes, reflecting a secure and standards-compliant implementation.
- [SAFE]: Analysis of the instructions and supporting scripts found no evidence of prompt injection, data exfiltration, or obfuscated malicious code.
Audit Metadata