manimgl-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (LOW): Multiple template files (e.g., "templates/basic_scene.py", "templates/3d_scene.py") use "os.system" to invoke the "manimgl" command-line interface.
- Evidence: "os.system(f"manimgl {file} ...")" block in the "if name == "main":" section.
- Context: This is a standard convenience pattern in Manim development to allow scripts to be run directly for previewing animations.
- EXTERNAL_DOWNLOADS (LOW): Examples and templates for 3D rendering (e.g., "rules/3d.md", "templates/3d_scene.py") reference external image assets for textures.
- Evidence: URLs pointing to Wikimedia Commons (e.g., "https://upload.wikimedia.org/wikipedia/commons/.../Whole_world_-_land_and_oceans.jpg").
- Context: These are standard asset downloads from a reputable source (Wikimedia) used for legitimate visualization purposes.
- DYNAMIC_EXECUTION (INFO): The documentation for interactive mode ("rules/interactive.md") describes the "checkpoint_paste()" function.
- Observation: This library feature executes code directly from the system clipboard. While a core part of the ManimGL workflow, it presents a risk if the clipboard contains untrusted content.
- INDIRECT_PROMPT_INJECTION (INFO): The skill provides many patterns for rendering text and LaTeX from strings.
- Observation: If an agent uses these patterns to render unsanitized user-provided input, it creates a surface for potential rendering-based attacks, though the impact is limited within the Manim rendering environment.
Audit Metadata