gifgrep
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the gifgrep utility from a third-party GitHub repository (steipete/gifgrep) using go install or brew.
- [COMMAND_EXECUTION]: Executes the gifgrep binary with various flags to search, download, and process GIF files.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection as it processes search results from external GIF providers (Tenor, Giphy). * Ingestion points: API responses from Tenor and Giphy. * Boundary markers: None identified. * Capability inventory: Binary execution of gifgrep and shell pipes to jq. * Sanitization: No explicit sanitization of external metadata mentioned.
Audit Metadata