slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides legitimate utilities for image processing and animation. Analysis of the core modules (
core/easing.py,core/frame_composer.py,core/gif_builder.py,core/validators.py) confirms they are restricted to mathematical calculations, PIL-based drawing, and GIF encoding using established libraries. - [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface as it is designed to ingest and process user-provided images.
- Ingestion points: User-uploaded files are processed via
Image.openinSKILL.mdand the validation logic incore/validators.py. - Boundary markers: There are no explicit delimiters or specific instructions to ignore embedded instructions or metadata within the processed images.
- Capability inventory: The skill possesses file-writing capabilities via the
imageio.imwritecall incore/gif_builder.py. - Sanitization: The skill does not perform sanitization or filtering of image metadata (such as EXIF data) before processing.
Audit Metadata