algorithmic-art
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the p5.js library from the Cloudflare-hosted CDNJS repository and retrieves font assets from Google Fonts.
- [COMMAND_EXECUTION]: Generates and executes p5.js JavaScript code within a browser-based HTML artifact to produce generative art.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes user-provided inputs to generate code. * Ingestion points: User instructions and 'conceptual seeds' are ingested via SKILL.md. * Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the processing flow. * Capability inventory: The skill generates and executes JavaScript within an HTML artifact (viewer.html). * Sanitization: There is no evidence of sanitization or validation of the user input before it is interpolated into the generated code.
Audit Metadata