NYC

animation-designer

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH | PROMPT_INJECTION | NO_CODE
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill allows the agent to modify files and create artifacts based on untrusted external data (user queries).
      1. Ingestion points: User-provided queries for animation tasks as described in README.md.
      2. Boundary markers: Absent; no delimiters are specified to isolate user input from the skill's operational instructions.
      3. Capability inventory: 'modifies_files' and 'creates_artifacts' permissions defined in manifest.yaml.
      4. Sanitization: Absent; no validation or escaping logic is described for the content generated from user instructions.
  • Metadata Poisoning (MEDIUM): The manifest.yaml includes the 'rag' domain and tag, which is technically unrelated to animation or frontend motion design, potentially causing the agent to misinterpret the skill's intended use case.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 08:34 PM