hyperframes-registry
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches registry manifests and item data from the official heygen-com GitHub repository, which is a well-known service organization.
- [EXTERNAL_DOWNLOADS]: References the GSAP animation library from the jsDelivr CDN for use in component demos and project integration.
- [COMMAND_EXECUTION]: Uses the hyperframes CLI for adding, linting, and previewing components within a project environment.
- [PROMPT_INJECTION]: Ingestion points: Registry data and component snippets are ingested from external sources (GitHub) into the local project and agent session. Boundary markers: The skill does not implement specific markers to ignore potential instructions embedded in the downloaded assets. Capability inventory: The skill utilizes subprocess calls via the CLI and provides instructions for local file system modifications. Sanitization: Security relies on the use of trusted official sources, manual user review of code snippets, and the hyperframes lint utility.
Audit Metadata