sprite-animation
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's functionality is centered on generating static HTML and CSS for visual animations. It specifically mandates the exclusion of external JavaScript, which significantly reduces the risk of malicious code execution.
- [EXTERNAL_DOWNLOADS]: The example file included with the skill references font and styling assets from Google Fonts, a well-known and trusted service.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it processes external data to generate its output. Ingestion points: It reads design tokens from DESIGN.md and topic information from user-provided briefs. Boundary markers: No explicit markers or instructions to isolate untrusted input data are provided. Capability inventory: The skill is limited to code generation; it does not request or utilize tools for network access, file system modification, or command-line execution. Sanitization: There are no specialized sanitization or validation routines applied to the ingested external content.
Audit Metadata