slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes user-uploaded images, which serves as an ingestion point for untrusted data.
- Ingestion points: External images are opened via
Image.open('file.png')as shown inSKILL.md. - Boundary markers: There are no explicit markers or instructions to treat image content or metadata as untrusted.
- Capability inventory: The skill allows for writing files to the disk using the
GIFBuilder.save()method. - Sanitization: There is no mention of sanitizing or validating image metadata before processing.
Audit Metadata