animated-video
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is entirely instructional and does not bundle any executable scripts, binaries, or configuration files other than the SKILL.md definition.
- [PROMPT_INJECTION]: The skill processes user-supplied descriptions to generate functional code (HTML/JS/CSS), which creates a surface for indirect prompt injection. Malicious instructions provided by a user could potentially influence the behavior of the generated scripts.
- Ingestion points: User requests for animated explainers, intros, or motion graphics (SKILL.md).
- Boundary markers: The skill lacks explicit delimiters or instructions for the agent to distinguish between animation requirements and potentially malicious commands in user input.
- Capability inventory: The agent is authorized to generate self-contained HTML files with embedded JavaScript and CSS keyframes.
- Sanitization: There are no instructions for validating, escaping, or filtering user-provided text before it is interpolated into the generated code.
Audit Metadata