scroll-experience
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill instructions are focused on defining a specific role and providing technical patterns without any attempts to override system constraints or extract prompt data.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network communication patterns were identified.
- Obfuscation (SAFE): No hidden characters, Base64 encoding, or homoglyphs were found in the skill body or metadata.
- Unverifiable Dependencies & Remote Code Execution (SAFE): While the skill mentions libraries like GSAP and Framer Motion, it does not include commands to install untrusted packages or execute remote scripts via curl/bash.
- Dynamic Execution (SAFE): The provided code snippets are static examples of frontend JavaScript and CSS. There are no uses of eval(), exec(), or runtime code generation.
Audit Metadata