slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user-uploaded images and natural language instructions to generate animation frames.
  - Ingestion points: User-provided images are loaded using `PIL.Image.open()` in the 'Working with User-Uploaded Images' section of SKILL.md.
  - Boundary markers: No specific boundary markers or instructions are provided to separate user data from the agent's logic.
  - Capability inventory: The skill utilizes PIL for image manipulation and allows writing output files to the local directory via `builder.save()`.
  - Sanitization: No explicit sanitization of image metadata or file content is performed beyond the default behavior of the Pillow library.
- External Downloads (LOW): The skill requests the installation of `pillow`, `imageio`, and `numpy`. These are well-known, trusted packages from the standard PyPI registry; however, versions are not pinned, representing a minor security best-practice violation.
Audit Metadata