animation-gen

Warn

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill directs users to run npx ai-animation, which fetches code from the npm registry. The author, LXGIC Studios, is not a recognized trusted source, making this an unverified external dependency.
  • REMOTE_CODE_EXECUTION (MEDIUM): Use of npx facilitates the immediate execution of remote code on the user's machine. Without a locked version or a trusted author, this represents a supply-chain risk where the remote package could be updated with malicious code.
  • CREDENTIALS_UNSAFE (LOW): The requirement for an OPENAI_API_KEY environment variable is documented. While common for AI tools, providing high-value secrets to unverified CLI tools creates a risk of credential exfiltration.
  • COMMAND_EXECUTION (LOW): The skill's primary interface is the command line, involving the execution of sub-processes and potential file writes (-o animations.ts).
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 22, 2026, 05:44 AM