gifgrep
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata includes instructions to install the
gifgreputility from the author's GitHub repository (github.com/steipete/gifgrep) via Go or a Homebrew tap (steipete/tap/gifgrep). These are identified as legitimate resources belonging to the skill's author. - [COMMAND_EXECUTION]: The skill provides numerous examples for executing the
gifgrepCLI tool to perform searches, download GIF files to~/Downloads, and generate still frames or contact sheets from local files. - [DATA_EXFILTRATION]: The instructions guide the agent to use environment variables (
GIPHY_API_KEY,TENOR_API_KEY) for authentication with third-party GIF providers, which is a standard and safe practice for secret management.
Audit Metadata