website-to-hyperframes

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Flagged: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted text and asset descriptions from external websites.
      • Ingestion points: Website content is extracted into extracted/visible-text.txt and extracted/asset-descriptions.md using the npx hyperframes capture command in Step 1.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat extracted data as untrusted or to ignore any embedded instructions within that data.
      • Capability inventory: The agent uses this untrusted data to generate narration scripts (SCRIPT.md) and creative direction (STORYBOARD.md), which are then used to build executable HTML/JS compositions. It also has access to several CLI tools for video production.
      • Sanitization: The workflow does not include any steps for sanitizing, validating, or escaping the text extracted from the target website before it is incorporated into prompts.
  • [COMMAND_EXECUTION]: The skill uses multiple CLI commands to perform its core functions, which is standard for its purpose:
      • npx hyperframes is invoked for capturing data, generating text-to-speech, transcribing audio, linting, validation, and rendering.
      • node skills/hyperframes-animation-map/scripts/animation-map.mjs is executed to analyze composition animations.
  • [EXTERNAL_DOWNLOADS]: The skill's templates reference several external resources from well-known services:
      • JavaScript libraries for Lottie animations and GSAP plugins are fetched from cdn.jsdelivr.net.
      • Typography is loaded from Google Fonts via fonts.googleapis.com.
      • These references are used for legitimate rendering purposes and involve well-known providers.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 11:48 AM