graphic-gif

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs a shell script (export-gif.sh) to coordinate the GIF creation process, including directory management, dependency installation, and script execution.
  • [EXTERNAL_DOWNLOADS]: The skill's orchestration script uses npm and npx to download and install standard libraries (gifenc, sharp, playwright) and the Chromium browser from the official NPM registry and Microsoft's infrastructure.
  • [REMOTE_CODE_EXECUTION]: An optional AI generation feature makes POST requests to the Kling AI API (api.klingai.com) to generate videos, which are then processed using local ffmpeg tools.
  • [PROMPT_INJECTION]: The skill generates HTML and CSS based on user-provided prompts and renders it using a local headless browser, creating a potential surface for indirect prompt injection.
      • Ingestion points: User-provided prompt in SKILL.md used for HTML generation.
      • Boundary markers: The agent is instructed to produce self-contained HTML with limited external dependencies.
      • Capability inventory: Execution of shell commands, NPM package installation, and browser rendering via Playwright (scripts/export-gif.sh, scripts/capture-and-encode.mjs).
      • Sanitization: The skill relies on the AI model to generate safe code; there is no explicit sanitization step for the generated HTML content before it is processed by the renderer.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 8, 2026, 03:09 PM