frontend-ui-animator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempt to bypass safety filters or override system prompts. The workflow is purely instructional for UI development.
- Data Exposure & Exfiltration (SAFE): The skill identifies standard project files (e.g., tailwind.config.ts, app/ directory) for analysis but does not target sensitive data like credentials or SSH keys. No network operations are present.
- Obfuscation (SAFE): No encoded strings, hidden characters, or homoglyphs were detected. All instructions and code samples are in plain text.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard, well-known animation libraries (framer-motion, gsap) and check for their presence in package.json. No piped shell commands or remote script downloads are used.
- Privilege Escalation & Persistence (SAFE): No commands for escalating user privileges or establishing persistence (e.g., crontabs, shell profiles) are present.
- Indirect Prompt Injection (LOW): While the skill ingests project file data, it lacks the exploitable capabilities or automated write-actions to pose a significant risk; it functions as a typical development assistant.
Audit Metadata