scroll-cinema

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill generates HTML content that fetches JavaScript libraries from established services like jsDelivr, Unpkg, and Google Fonts. These references are documented to include Subresource Integrity (SRI) hashes to prevent supply-chain attacks.
  • [COMMAND_EXECUTION]: The provided Python scripts (scroll_cinema_generator.py, validate_scroll_cinema.py) are designed for local generation and validation of HTML files. They use standard libraries and operate on file paths provided via user arguments.
  • [DATA_EXPOSURE]: The skill includes explicit guidance on avoiding security pitfalls, specifically warning against the use of innerHTML to prevent Cross-Site Scripting (XSS) when handling dynamic content.
  • [SAFE]: The architecture utilizes a single animation loop and enforces accessibility standards, such as respecting user prefers-reduced-motion settings and providing semantic HTML structure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 05:15 PM
Security Audit — agent-trust-hub — scroll-cinema