hyperframes
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a specialized environment for video production. All instructions, reference files, and patterns provided are consistent with standard web animation and video rendering workflows.
- [COMMAND_EXECUTION]: The repository contains local Node.js utility scripts (scripts/animation-map.mjs and scripts/contrast-report.mjs) designed to analyze the output of the video compositions. These scripts run a local file server and use Puppeteer for DOM measurement and visual auditing, which is a standard approach for this type of tool.
- [DATA_EXFILTRATION]: Reference documentation in references/transcript-guide.md provides examples for using external transcription APIs from OpenAI and Groq. These examples properly use environment variables for authentication and do not exhibit any automated data harvesting or exfiltration behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill processes transcripts and lyrics from external files. While this is an ingestion point for untrusted data, references/transcript-guide.md includes defensive guidelines for quality checking and filtering transcripts for noise or nonsense, which acts as a mitigating measure.
Audit Metadata