gifgrep
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata and documentation require the installation of the 'gifgrep' binary from third-party sources not included in the trusted list. Specifically, it suggests using a Homebrew tap (steipete/tap/gifgrep) or installing via Go from a personal GitHub repository (github.com/steipete/gifgrep).
- [COMMAND_EXECUTION]: The skill is designed to execute the 'gifgrep' CLI tool, which has the capability to write files to the '~/Downloads' directory and interact with system utilities like Finder using the '--reveal' flag.
- [CREDENTIALS_UNSAFE]: The documentation specifies the use of environment variables such as 'GIPHY_API_KEY' and 'TENOR_API_KEY' for service authentication. While standard for the tool, these represent sensitive credentials that must be managed securely by the agent.
- [PROMPT_INJECTION]: The skill processes external data (GIF titles, tags, and URLs) from Tenor and Giphy, which constitutes a surface for indirect prompt injection. 1. Ingestion points: API response fields from GIF providers processed by 'gifgrep'. 2. Boundary markers: None present in the skill instructions to delimit external content. 3. Capability inventory: 'gifgrep' binary execution, file system writes to '~/Downloads', and network requests. 4. Sanitization: Not specified in the skill body.
Audit Metadata