text-to-lottie
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Tags: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses `npx degit diffusionstudio/lottie` to initialize projects, which downloads and runs code from the vendor's GitHub repository.
- [COMMAND_EXECUTION]: The skill runs a `node -e` shell command to validate the syntax of generated Lottie JSON files.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection.
  1. Ingestion points: user-provided project and scene names.
  2. Boundary markers: instructions to verify paths and read the player contract.
  3. Capability inventory: file reading/writing and shell command execution.
  4. Sanitization: uses `JSON.parse` to validate JSON content, but does not sanitize the project and scene names that are interpolated into shell commands.
Audit Metadata