gifgrep
Warn
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing an external binary,
gifgrep, from a third-party GitHub user (steipete) via Homebrew or the Go module system. This source is not included in the trusted vendor list.\n- [COMMAND_EXECUTION]: The skill functions by executing thegifgrepcommand-line utility. It also includes instructions for piping output to shell utilities likejqandhead.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes and displays content (such as GIF titles and tags) from external APIs (Tenor and Giphy).\n - Ingestion points: Data retrieved from Tenor and Giphy APIs is parsed by the tool and returned to the agent's context.\n
- Boundary markers: There are no boundary markers or instructions to the agent to treat external GIF metadata as untrusted content.\n
- Capability inventory: The skill allows for command execution, file downloads to
~/Downloads, and revealing files in the system file manager.\n - Sanitization: No sanitization or validation of the remote API content is performed before it is presented to the agent.
Audit Metadata