anima
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches design data and assets from Figma URLs and external website URLs to perform code generation tasks.
- [COMMAND_EXECUTION]: Interacts with the 'anima' MCP server to manage playground creation, code generation, and application deployment.
- [CREDENTIALS_UNSAFE]: Uses the
ANIMA_API_TOKENenvironment variable for secure authentication with the vendor's API. - [PROMPT_INJECTION]: Processes external content from websites and Figma files as input for code generation, representing a standard indirect prompt injection surface for such tools.
- Ingestion points: User-provided website URLs and Figma design URLs.
- Boundary markers: None specified in the prompt instructions.
- Capability inventory: Generates and publishes code through the Anima MCP server.
- Sanitization: Input processing is performed by the Anima service backend.
Audit Metadata