slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (INFO): The skill requires standard, trusted dependencies (pillow, imageio, numpy) from established package registries.
- [PROMPT_INJECTION] (LOW): The skill exhibits an indirect injection surface. 1. Ingestion point: loading user files via Image.open('file.png') in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: The skill is restricted to image manipulation and saving files to the local disk (no subprocess, network, or eval calls). 4. Sanitization: Relying on library-level image parsing. Risk is low due to the lack of high-privilege capabilities.
- [SAFE] (SAFE): No malicious patterns, obfuscation, hardcoded credentials, or persistence mechanisms were detected.
Audit Metadata