anima
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection.
- Ingestion points: External untrusted data enters the agent context through the
urlparameter inplayground-create(type l2c), Figma file identifiers (fileKey,nodesId), and Anima Playground URLs. - Boundary markers: The instructions do not define boundary markers or safety directives to ignore potentially malicious instructions embedded in the external content being processed.
- Capability inventory: The skill includes tools to create playgrounds and publish live web applications or npm packages using the
playground-publishtool. - Sanitization: There is no mention of sanitizing or filtering instructions from the retrieved external content before it is processed by the AI.
Audit Metadata