p5js
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes p5.js and its ecosystem of libraries (p5.sound, CCapture.js, p5.brush, p5.grain) via script tags pointing to well-known and trusted content delivery networks including cdnjs (Cloudflare), unpkg, and jsDelivr.
- [COMMAND_EXECUTION]: The skill includes several utility shell scripts for environment management.
scripts/setup.shverifies system dependencies,scripts/serve.shstarts a local HTTP server using either Python's built-in module or Node.js to load local assets, andscripts/render.shcoordinates the headless browser export pipeline. - [PROMPT_INJECTION]: As the skill involves the agent generating executable code (HTML/JavaScript) based on user-provided prompts, it naturally possesses an indirect prompt injection surface. The automated rendering script
scripts/export-frames.jsuses Puppeteer with flags that disable certain security features, such as--disable-web-securityand--allow-file-access-from-files, which are standard requirements for capturing local canvas elements but could be leveraged by maliciously crafted code. - Ingestion points: User-provided creative prompts are used to generate the p5.js sketches in
SKILL.md. - Boundary markers: The instructions do not define specific delimiters to wrap user-influenced strings within the generated code.
- Capability inventory: Generated sketches run in the browser with access to p5.js APIs and can be rendered headlessly using Puppeteer.
- Sanitization: There is no specified logic for sanitizing or escaping user-provided text before it is interpolated into the generated JavaScript code.
Audit Metadata