manim-composer
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill's workflow includes a 'Research the topic deeply' phase using web search, which is a potential vector for indirect prompt injection from external web content.
- Ingestion points: Web search results (SKILL.md).
- Boundary markers: Absent. No explicit instructions to ignore embedded commands in search results.
- Capability inventory: Web search (read), creation of planning documents (write to scenes.md).
- Sanitization: Absent.
- No Executable Code (SAFE): All files are markdown (.md) documents containing instructions, templates, and code snippets for reference. No scripts or binaries are included or executed by the skill itself.
Audit Metadata