animate
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes user-provided UI descriptions to guide its code modification tasks.
- Ingestion points: User input describing UI, design, or frontend requirements enters the context when the skill is invoked.
- Boundary markers: The instructions lack explicit delimiters or 'ignore embedded instructions' warnings for the data being processed.
- Capability inventory: The skill is authorized to perform direct code modifications as stated in its 'Output' section.
- Sanitization: No input validation, escaping, or filtering routines are defined for the user-supplied content.
- [NO_CODE]: The skill consists exclusively of markdown-based instructions and references; it does not include any executable scripts, binaries, or package manifests.
Audit Metadata