NYC

slack-gif-creator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • General Security (SAFE): The code performs standard image manipulation using well-known libraries like Pillow and NumPy. Analysis of the 13 files reveals a consistent, well-structured architecture for animation generation without any obfuscation, persistence, or privilege escalation patterns.
  • Indirect Prompt Injection (LOW): The skill possesses a vulnerability surface for indirect prompt injection as it processes text and emoji strings provided by the user.
      * Ingestion points: The object_data parameters in template files (e.g., templates/pulse.py, templates/shake.py, templates/spin.py) allow text and emojis to enter the agent context.
      * Boundary markers: Absent. The skill does not use specific delimiters or instructions to ignore embedded commands within the rendered text.
      * Capability inventory: imageio.imwrite in core/gif_builder.py provides file-write capabilities for saving the generated GIFs.
      * Sanitization: Absent. The rendering logic does not escape or validate the contents of the strings before they are processed by Pillow.
    This surface is inherent to image generation tools and is considered low risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:18 PM