algorithmic-art
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill template references the p5.js library hosted on cdnjs.cloudflare.com. This is a well-known and trusted service, and the download is essential for the skill's primary function of creating interactive art.
- [PROMPT_INJECTION]: The skill is designed to ingest user prompts and 'conceptual seeds' to generate interactive code artifacts, which creates a surface for indirect injection. However, this risk is associated with the skill's primary function and the resulting code is executed within a sandboxed artifact environment.
- Ingestion points: User requests for art themes and 'conceptual seeds' processed by SKILL.md.
- Boundary markers: None explicitly defined for user input interpolation.
- Capability inventory: Generation and execution of p5.js JavaScript code within browser-based artifacts.
- Sanitization: No specific validation or sanitization of user-provided conceptual inputs is defined.
- [SAFE]: No malicious patterns such as hardcoded credentials, data exfiltration, or persistence mechanisms were found in the provided files.
Audit Metadata