manimate

Fail

Audited by Snyk on Mar 6, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 0.90). The prompt includes explicit, nonfunctional runtime manipulation (defaulting MANIMATE_AGENT_CLI to flags like "--dangerously-skip-permissions" and unsetting env vars such as CLAUDE_CODE_ENTRYPOINT/CLAUDECODE) that attempts to bypass agent permission/safety controls. This behavior is outside the stated goal of generating Manim animations, so it is flagged as prompt injection.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill executes untrusted LLM-generated Python scenes locally (written directly from agent outputs and then run via manim), includes a postinstall hook that auto-links into user agent directories, and even defaults to invoking an agent CLI with a "--dangerously-skip-permissions" flag while unsetting env vars. Together these patterns enable remote code execution, potential data exfiltration, and covert bypassing of agent safety, so this is a high-risk backdoor/execution vector.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 6, 2026, 08:41 PM