website-to-hyperframes

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core workflow of ingesting and processing untrusted data from remote websites.
      • Ingestion points: Website content is extracted into several files, most notably capture/extracted/visible-text.txt and capture/extracted/asset-descriptions.md, which are then used as source material for narration and visual layout.
      • Boundary markers: The skill lacks explicit boundary markers or instructions that would tell the agent to ignore or isolate any instructions embedded within the captured website text.
      • Capability inventory: The agent has the capability to execute shell commands (via npx hyperframes), write project files, and generate executable HTML/JavaScript code for the video compositions.
      • Sanitization: There is no evidence of sanitization or filtering of the extracted website content before it is used to generate the narration script or composition code.
  • [COMMAND_EXECUTION]: The skill frequently executes shell commands via npx, relying on the hyperframes CLI tool and tsx for capture, validation, and rendering tasks.
  • [EXTERNAL_DOWNLOADS]: The process involves downloading arbitrary assets (images, fonts, and text) from user-provided URLs during the initial capture phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 12:08 PM