gsap-master
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the GSAP library and its plugins through jsDelivr (cdn.jsdelivr.net), which is a well-known and trusted Content Delivery Network for open-source projects. These references are documented neutrally as standard project dependencies.
- [COMMAND_EXECUTION]: The provided script 'scripts/make-gsap-starter.sh' is a benign utility designed to initialize a local development environment. It creates a directory and writes a static HTML boilerplate file using standard shell commands (mkdir, cat) without any risky privilege escalation or remote execution patterns.
- [PROMPT_INJECTION]: The skill's instructions focus on technical expertise and output formatting for animation engineering. It does not contain any attempts to bypass safety filters, extract system prompts, or override agent constraints.
- [SAFE]: No evidence of data exfiltration, hardcoded credentials, obfuscation, or persistence mechanisms was found across the documentation, reference files, or utility scripts.
Audit Metadata