motion-graphics
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads geographic data and mapping libraries (MapLibre, TopoJSON) from trusted CDNs like
cdn.jsdelivr.netto support its map-based graphics modules. - [COMMAND_EXECUTION]: The skill uses system utilities including
ffmpeg,ffprobe, andnodeto process images, calculate coordinates, and render the final video files. These operations are performed within the expected scope of a video generation tool. - [REMOTE_CODE_EXECUTION]: During initialization, the skill uses
npx hyperframes initto check for and apply updates to its core components from GitHub. This is a standard self-update mechanism for the HyperFrames toolset environment. - [PROMPT_INJECTION]: The skill processes untrusted data from external sources such as webpages, news articles, and tweets to create dynamic content. This represents an indirect prompt injection surface where external text could attempt to influence the sub-agents; however, the design uses a structured intermediate representation (JSON) to separate content from logic, which effectively mitigates typical injection risks.
Audit Metadata