slack-gif-creator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill presents a high risk for indirect prompt injection because it ingests untrusted data and has side-effect capabilities.
      • Ingestion points: Untrusted user-provided images are processed via PIL.Image.open, and animation logic is derived from user-provided prompts.
      • Boundary markers: Absent; there are no instructions for the agent to use delimiters or to disregard instructions embedded in the input data.
      • Capability inventory: The skill includes file-writing capabilities through the builder.save() function in the GIFBuilder utility.
      • Sanitization: Absent; the skill lacks any mechanisms to sanitize image metadata or validate input strings before use.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of pillow, imageio, and numpy. These dependencies are not from the predefined list of trusted organizations and are downloaded from a public registry, requiring manual verification for safety.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 06:00 AM