gifgrep
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation configuration fetches the
gifgrepbinary from an external third-party source:github.com/steipete/gifgrepvia Go or the Homebrew tapsteipete/tap/gifgrep. These sources are not on the trusted vendors list. - [COMMAND_EXECUTION]: The skill requires the execution of the external
gifgrepbinary for all search, download, and GIF processing tasks. - [CREDENTIALS_UNSAFE]: The skill references the use of
GIPHY_API_KEYandTENOR_API_KEYas environment variables for provider access, which requires the user to manage these secrets externally.
Audit Metadata