improve-animations
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill includes a robust defense mechanism (Hard Rule 4) requiring the agent to treat repository content as inert data and explicitly flag attempts to override instructions (e.g., 'ignore previous instructions') found in source files. This is a best-practice safety configuration.
- [COMMAND_EXECUTION]: The skill expressly forbids mutating operations, including installations, builds, and commits (Hard Rule 2), ensuring a safe, read-only analysis posture on the codebase.
- [DATA_EXFILTRATION]: No network operations or access to sensitive configuration files (e.g., credentials, SSH keys, or environment variables) were detected. The skill's scope is strictly limited to UI and motion-related code analysis.
- [INDIRECT_PROMPT_INJECTION]: While the skill's primary function involves ingesting untrusted repository data (TSX, CSS, JS), the risk is mitigated by explicit boundary instructions that treat file contents as data rather than instructions, and a workflow that requires human confirmation before plans are executed.
Audit Metadata