slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADS
Full Analysis
- [External Downloads] (LOW): The skill requires standard Python libraries (
pillow,imageio,numpy) for image processing. These are well-known, trusted packages. - [Indirect Prompt Injection] (LOW): The skill includes functionality to process user-uploaded images (
Image.open('file.png')). While necessary for the skill's purpose, ingesting untrusted data creates a potential attack surface if the agent interprets instructions embedded in file metadata or accompanying text. - [Command Execution] (SAFE): No arbitrary shell command execution or unsafe subprocess calls were detected. The Python code snippets are focused on graphics rendering.
- [Data Exfiltration] (SAFE): The skill does not contain network operations or patterns suggesting the unauthorized transmission of sensitive data.
- [Obfuscation] (SAFE): No encoded strings, hidden characters, or homoglyphs were found in the instructions or code.
Audit Metadata