Skills
skills/devmartinese/awwwards-animations-skill/awwwards-animations/Gen Agent Trust Hub

awwwards-animations

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): Automated scans identified a blacklisted malicious domain (p.cx) associated with the skill.
  • Evidence: The URLite scanner report explicitly flags p.cx (Signature: URE4BF4527CC8A62B1-0200). This domain is a known host for malicious short links and redirects.
  • Risk: Interacting with or downloading content from blacklisted domains can lead to malware infection or credential theft.
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill's installation instructions utilize a command (npx skills add) that, if pointed to the flagged domain, would execute code from an untrusted and malicious source.
  • Evidence: The presence of a blacklisted domain in the scanner results, combined with the npx installation pattern, indicates the skill is likely hosted on or distributed through a compromised or malicious repository.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill recommends the installation of Anime.js 4.0, which is not the current stable release on the npm registry.
  • Evidence: Found in README.md under 'Libraries & Versions'.
  • Risk: Promoting unverified or future versions of packages can facilitate supply-chain attacks where attackers publish malicious versions of a package using a higher version number.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 05:51 PM