algorithmic-art
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the p5.js library from Cloudflare's CDN (cdnjs.cloudflare.com). This is a well-known and trusted technology service, and the download is documented neutrally as a functional requirement for the art viewer.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by using untrusted user input to guide the creation of executable code.
- Ingestion points: User instructions for the art style or theme are directly interpolated into the 'Algorithmic Philosophy' and the final p5.js code.
- Boundary markers: No delimiters or specific 'ignore' instructions are provided to ensure the model does not follow instructions embedded within the user input.
- Capability inventory: The skill generates and executes JavaScript within a browser-based artifact environment.
- Sanitization: The prompt does not specify any validation or sanitization steps for the user-provided creative input before it influences the generated code.
Audit Metadata