slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill translates user-provided natural language descriptions into animation logic, presenting an indirect prompt injection vulnerability surface.\n
- Ingestion points: User requests and content descriptions for GIF generation as described in SKILL.md.\n
- Boundary markers: Absent; the toolkit does not implement delimiters or instructions to isolate user-provided data from the agent's generative logic.\n
- Capability inventory: The skill possesses file system write access via the GIFBuilder.save method in core/gif_builder.py and advanced image manipulation through Pillow and imageio.\n
- Sanitization: Absent; the animation templates and core utilities do not perform sanitization or validation of user-provided strings before using them to drive visual outputs.
Audit Metadata