motion-canvas
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill documentation (SKILL.md, docs/topics/create.md) directs the agent or user to install external dependencies via npm install and scaffold projects using npm init @motion-canvas@latest. It also references external code via git submodules in the repos/ directory. Although these are standard procedures for the Motion Canvas library, they involve executing third-party code from external registries. Per the primary purpose rule, the severity is downgraded to LOW.
- PROMPT_INJECTION (LOW): The skill implements a data-processing surface for indirect prompt injection by using behavioral descriptions to drive code generation.
  - Ingestion points: Video descriptions in docs/test-video-interface.md, docs/test-video-layouts.md, and docs/test-video-signals-act1.md.
  - Boundary markers: Delimiters are absent in the markdown data files; instructions in the README provide only basic behavioral constraints.
  - Capability inventory: The skill allows the agent to write .tsx files and execute shell commands for testing (npm run docs-agent-test).
  - Sanitization: No sanitization, validation, or escaping of the external markdown content is performed before processing.
Audit Metadata