gifhorse

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's setup instructions clone a third-party repository from github.com/Coyote-git/gifhorse, which is not verified as a trusted vendor or associated with the skill's stated author.
  • [REMOTE_CODE_EXECUTION]: The installation process executes pip install -e . within the cloned directory, allowing for arbitrary code execution through the package's installation scripts.
  • [COMMAND_EXECUTION]: The skill uses shell commands to install system dependencies via Homebrew and to manage Python virtual environments.
  • [PROMPT_INJECTION]: The skill processes untrusted external subtitle data downloaded from online providers. Ingestion points: Dialogue extraction in SKILL.md. Boundary markers: None. Capability inventory: Subprocess calls for FFmpeg and CLI tool execution. Sanitization: No evidence of sanitization for processed subtitle content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 24, 2026, 12:26 AM