scroll-cinema
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill generates HTML content that fetches JavaScript libraries from established services like jsDelivr, Unpkg, and Google Fonts. These references are documented to include Subresource Integrity (SRI) hashes to prevent supply-chain attacks.
- [COMMAND_EXECUTION]: The provided Python scripts (
scroll_cinema_generator.py,validate_scroll_cinema.py) are designed for local generation and validation of HTML files. They use standard libraries and operate on file paths provided via user arguments. - [DATA_EXPOSURE]: The skill includes explicit guidance on avoiding security pitfalls, specifically warning against the use of
innerHTMLto prevent Cross-Site Scripting (XSS) when handling dynamic content. - [SAFE]: The architecture utilizes a single animation loop and enforces accessibility standards, such as respecting user
prefers-reduced-motionsettings and providing semantic HTML structure.
Audit Metadata