srt-hyperframes-editorial-video

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references and fetches the GSAP (GreenSock Animation Platform) library from registry.npmmirror.com in the scripts/generate-composition.mjs file. This is a well-known mirror for official NPM packages and is used here for its intended purpose in the generated video composition.
  • [COMMAND_EXECUTION]: The workflow involves executing several local Node.js scripts (e.g., init-project.mjs, generate-storyboard.mjs, generate-composition.mjs) to automate the project lifecycle. These scripts perform legitimate file system operations such as directory creation, file copying, and JSON processing within the scope of the video project.
  • [COMMAND_EXECUTION]: The skill relies on the hyperframes CLI tool (npx hyperframes) for linting, inspecting, and rendering the final video output, which is the primary stated purpose of the extension.
  • [DYNAMIC_EXECUTION]: The skill uses sub-agents to generate JavaScript code fragments (SceneXXX.js) that are subsequently bundled into a final HTML composition. This process is guarded by multiple validation scripts (validate-scene-js.mjs, validate-ed.mjs) designed to detect and block improper GSAP usage or timing errors before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 02:04 AM
Security Audit — agent-trust-hub — srt-hyperframes-editorial-video