animate
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze external data (features or components from the codebase or conversation) to provide animation recommendations. This ingestion of untrusted data creates a potential surface for indirect prompt injection where malicious instructions could be embedded in the code or descriptions being reviewed.
- Ingestion points: Reads component/feature descriptions and code from the thread or codebase as specified in the target argument and the 'Context Gathering' section.
- Boundary markers: The instructions do not define explicit delimiters or instructions to ignore embedded commands within the ingested content.
- Capability inventory: The skill primarily generates design strategies and CSS/JS code snippets. It lacks direct capabilities for network access or persistent file system modifications, though it utilizes the AskUserQuestionTool for clarification.
- Sanitization: There are no explicit sanitization or filtering steps defined for the input data.
Audit Metadata