algorithmic-art
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMPROMPT_INJECTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes a 'DEDUCING THE CONCEPTUAL SEED' step that encourages the agent to embed 'subtle, niche references' from user input invisibly into the generated algorithm's parameters and behaviors. This 'hidden intent' pattern creates a surface for indirect prompt injection and the execution of malicious logic.
- [PROMPT_INJECTION]: The skill exhibits an indirect injection vulnerability surface:
- Ingestion points: User instructions and 'subtle inputs' in the initial request are used to define the core algorithm.
- Boundary markers: No explicit delimiters are specified to separate user-provided data from the generated 'philosophy' or resulting code.
- Capability inventory: The skill possesses 'write and execute' capabilities by generating arbitrary JavaScript/p5.js code within HTML artifacts.
- Sanitization: There is no evidence of escaping, validation, or filtering for user-provided conceptual seeds before they are interpolated into executable script parameters.
- [REMOTE_CODE_EXECUTION]: The skill's primary function is the dynamic generation of executable JavaScript code within a self-contained HTML artifact (viewer.html). This code is assembled at runtime based on the agent's interpretation of user-influenced 'philosophies'.
- [EXTERNAL_DOWNLOADS]: The skill's template (viewer.html) fetches the p5.js library from Cloudflare's well-known and trusted CDN (cdnjs.cloudflare.com).
Audit Metadata