slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements all animation and image manipulation logic within its own modules and templates. It utilizes reputable, standard image processing libraries and does not attempt to access sensitive system files or establish unauthorized network connections.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes user-provided text and emojis for rendering in the generated GIFs. 1. Ingestion points: User-supplied descriptions for GIF content processed via SKILL.md. 2. Boundary markers: Absent; user text is interpolated directly into rendering functions. 3. Capability inventory: Writing GIF files to the local file system (imageio.imwrite in core/gif_builder.py) and accessing system font resources (ImageFont.truetype in core/typography.py). 4. Sanitization: No specific validation or filtering is performed on the text or emojis before they are rendered into GIF frames.
Audit Metadata