gifgrep
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
gifgrepbinary from thegithub.com/steipete/gifgreprepository using either Homebrew or the Go compiler. - [COMMAND_EXECUTION]: The skill relies on executing the
gifgrepcommand-line utility to search providers, download GIF files to the local system, and create image sheets. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: Data from external GIF providers like Tenor and Giphy entering the context. Boundary markers: No delimiters are specified to separate external data from instructions. Capability inventory: The skill can download files and execute subprocesses via the
gifgrepCLI tool. Sanitization: No sanitization of provider-returned metadata is documented.
Audit Metadata