js-animation

Warn

Audited by Socket on Feb 27, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is a benign front-end animation guidance and recipe collection. It suggests loading widely used animation libraries from public CDNs and provides many DOM- and canvas-based animation examples that read and mutate the page. The main supply-chain consideration is the reliance on remote CDN-hosted libraries (jsdelivr, cdnjs) — a standard but non-zero supply-chain risk if those CDNs or referenced packages become compromised. There are also a few DOM insertion calls (insertAdjacentHTML) that, if fed untrusted content, could enable XSS in a page, but the recipes assume developer-authored content. No credential harvesting, remote exfiltration, command execution, or obfuscated/malicious code was found.

Confidence: 85%
Severity: 75%
Audit Metadata

Analyzed At: Feb 27, 2026, 09:53 AM
Package URL: pkg:socket/skills-sh/SomSamantray%2FJS-Animation-Webpage%2Fjs-animation%2F@1e42835626e56750bf38ee46c3c896be52c22bae