Trust Assessment
slack-gif-creator received a trust score of 10/100, placing it in the Untrusted category. The findings below should be resolved, or the skill run in a sandbox, before it is used in production.

SkillShield's automated analysis identified 13 findings: 0 critical, 3 high, 10 medium, and 0 low severity. The three high findings share one root cause: file paths (`output_path` in `GIFBuilder.save`, `gif_path` in the validators) reach filesystem writes and reads without being confined to a designated directory, so an agent that forwards user-controlled paths exposes arbitrary file write and arbitrary file read. The medium findings are four unpinned entries in `requirements.txt` and six hits of the same "Unsafe deserialization / dynamic eval" rule, each reported at line 5 of a different module with an identical generic description; inspect those lines directly before treating them as confirmed.

The analysis covered 4 layers: dependency_graph, static_code_analysis, manifest_analysis, llm_behavioral_safety. The llm_behavioral_safety layer scored lowest at 55/100 and is where remediation effort should start.
Last analyzed on February 11, 2026 (commit 6195a031). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (13)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Arbitrary File Write via GIF Output Path.** The `GIFBuilder.save` method takes an `output_path` parameter which is used directly to write the generated GIF to the filesystem. If an AI agent using this skill lets user input directly or indirectly control `output_path` without sanitization (path traversal checks, restriction to a designated directory), an attacker could write files to arbitrary locations on the system, potentially leading to data corruption, denial of service, or remote code execution if executable files can be overwritten. Remediation: validate and sanitize `output_path`; confine it to a designated, sandboxed directory and reject path traversal sequences (e.g., `../`); consider a UUID or similar mechanism for filenames so existing files cannot be overwritten and names cannot be guessed. | Unknown | core/gif_builder.py:109 |
| HIGH | **Arbitrary File Read via GIF Path Validation.** The `check_slack_size` and `validate_gif` functions in `core/validators.py` accept a `gif_path` parameter which is used to open and read the specified file. If an AI agent using this skill lets user input directly or indirectly control `gif_path` without sanitization, an attacker could read arbitrary files from the system (e.g., `/etc/passwd`, sensitive configuration files), leading to information disclosure. Remediation: validate and sanitize `gif_path`; confine it to the designated, sandboxed directory where GIFs are expected to be stored and reject path traversal sequences (e.g., `../`); do not pass user-controlled paths directly to filesystem operations. | Unknown | core/validators.py:10 |
| HIGH | **Arbitrary File Read via GIF Path Validation.** The `validate_gif` function in `core/validators.py` accepts a `gif_path` parameter which is used to open and read the specified file via `PIL.Image.open()`. If an AI agent using this skill lets user input directly or indirectly control `gif_path` without sanitization, an attacker could read arbitrary files from the system (e.g., `/etc/passwd`, sensitive configuration files), leading to information disclosure, or cause a denial of service by supplying a malformed file to the decoder. Remediation: validate and sanitize `gif_path`; confine it to the designated, sandboxed directory where GIFs are expected to be stored and reject path traversal sequences (e.g., `../`); do not pass user-controlled paths directly to filesystem operations. | Unknown | core/validators.py:100 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: remove obfuscated code execution patterns; legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Unknown | core/easing.py:5 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: as above. | Unknown | core/frame_composer.py:5 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: as above. | Unknown | core/gif_builder.py:5 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: as above. | Unknown | core/typography.py:5 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: as above. | Unknown | core/visual_effects.py:5 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: as above. | Unknown | templates/move.py:5 |
| MEDIUM | **Unpinned Python dependency version.** Requirement `pillow>=10.0.0` is not pinned to an exact version. Remediation: pin with `==<exact version>`. | Unknown | requirements.txt:1 |
| MEDIUM | **Unpinned Python dependency version.** Requirement `imageio>=2.31.0` is not pinned to an exact version. Remediation: pin with `==<exact version>`. | Unknown | requirements.txt:2 |
| MEDIUM | **Unpinned Python dependency version.** Requirement `imageio-ffmpeg>=0.4.9` is not pinned to an exact version. Remediation: pin with `==<exact version>`. | Unknown | requirements.txt:3 |
| MEDIUM | **Unpinned Python dependency version.** Requirement `numpy>=1.24.0` is not pinned to an exact version. Remediation: pin with `==<exact version>`. | Unknown | requirements.txt:4 |
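The three HIGH findings above all come down to one missing control: a path that may originate from user input reaches a filesystem write (`GIFBuilder.save`) or read (`check_slack_size`, `validate_gif`) without being confined to a designated directory. The following is an added example written for this report, not code from slack-gif-creator, showing one confinement helper shared by both sides. It assumes a single hypothetical sandbox directory is the only place GIFs are written to or read from, generates output filenames itself (the UUID recommendation from the first finding) rather than accepting them, and stands in a GIF magic-byte check for `PIL.Image.open()` so it runs with the standard library alone; `MAX_GIF_BYTES` is an illustrative cap, not Slack's actual limit.

```python
"""Added example, not code from slack-gif-creator: path confinement shared
by the write side (output_path) and the read side (gif_path).

Assumptions (hypothetical, not the project's API): one sandbox directory
is the only place GIFs are read from or written to, and a GIF-magic check
stands in for PIL.Image.open() so this runs on the standard library alone.
"""
import os
import tempfile
import uuid
from pathlib import Path


class UnsafePathError(ValueError):
    """Raised when a requested path escapes the sandbox directory."""


def confine(base_dir: Path, requested: str) -> Path:
    """Resolve `requested` under `base_dir`; refuse anything that escapes it.

    Both sides are fully resolved, so `..` segments and symlinks are
    evaluated before the containment check. A substring test for "../"
    would miss an absolute path and a symlink pointing out of the sandbox.
    """
    base = base_dir.resolve()
    # `base / "/etc/passwd"` is "/etc/passwd": an absolute input discards
    # base entirely, and the relative_to check below is what catches it.
    candidate = (base / requested).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        raise UnsafePathError(f"{requested!r} escapes {base}") from None
    if candidate == base:
        raise UnsafePathError("a file inside the sandbox is required")
    return candidate


def fresh_output_path(base_dir: Path, suffix: str = ".gif") -> Path:
    """Allocate an unguessable output name inside base_dir; the caller never
    chooses the filename, so no existing file can be targeted."""
    base = base_dir.resolve()
    base.mkdir(parents=True, exist_ok=True)
    return base / f"{uuid.uuid4().hex}{suffix}"


def write_gif(base_dir: Path, data: bytes) -> Path:
    """Write encoded GIF bytes to a fresh file; O_EXCL makes the create fail
    rather than truncate if the name somehow already exists."""
    out = fresh_output_path(base_dir)
    fd = os.open(out, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return out


GIF_MAGIC = (b"GIF87a", b"GIF89a")
MAX_GIF_BYTES = 2 * 1024 * 1024  # hypothetical cap, not Slack's real limit


def validate_gif(base_dir: Path, gif_path: str) -> dict:
    """Read side: confine the path, cap the size before reading anything,
    and check the magic bytes before any decoder sees the file."""
    path = confine(base_dir, gif_path)
    if not path.is_file():
        raise FileNotFoundError(path)
    size = path.stat().st_size
    if size > MAX_GIF_BYTES:
        raise ValueError(f"{path.name}: {size} bytes exceeds the cap")
    with path.open("rb") as fh:
        header = fh.read(6)
    if header not in GIF_MAGIC:
        raise ValueError(f"{path.name}: not a GIF (header {header!r})")
    return {"path": path, "size": size}


def demo() -> dict:
    """Exercise the helpers in a throwaway sandbox with constructed input."""
    with tempfile.TemporaryDirectory() as tmp:
        sandbox = Path(tmp) / "gifs"
        # Constructed 16-byte stand-in: valid header, no real frames.
        out = write_gif(sandbox, b"GIF89a" + b"\x00" * 10)
        checked = validate_gif(sandbox, out.name)
        rejected = []
        for bad in ("../../etc/passwd", "/etc/passwd", "sub/../../x.gif"):
            try:
                confine(sandbox, bad)
            except UnsafePathError:
                rejected.append(bad)
        return {
            "inside_sandbox": out.parent == sandbox.resolve(),
            "size": checked["size"],
            "rejected": rejected,
        }


if __name__ == "__main__":
    print(demo())
```

The size check runs on `stat()` before the file is opened, and the magic check runs on six bytes before any decoder is involved, so a path that survives confinement still cannot feed an oversized or non-GIF file to Pillow. Note that the containment test compares resolved paths: a string check for `../` would pass `/etc/passwd` and a symlink created inside the sandbox.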
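The four unpinned-dependency findings recommend `==<exact version>`. An exact pin freezes which version is installed but says nothing about whether the bytes fetched match what was reviewed; adding `--hash=sha256:...` to each requirement and installing with `pip install --require-hashes` closes that gap. The following is an added example, not part of slack-gif-creator, of a CI check that rejects a requirements file unless every requirement is both exactly pinned and hashed. The sample inputs are constructed: the first reproduces the four lines the report flagged, the second shows the corrected form with placeholder digests and illustrative version numbers.

```python
"""Added example, not from the project: a CI check that every requirement
is pinned with == and carries a sha256 hash for --require-hashes installs.
"""
import re

# Matches "name==1.2.3" (optionally with [extras]); other operators such as
# >= or ~= and bare names deliberately do not match.
EXACT_PIN = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?==([^\s;]+)")


def check_requirements(text: str) -> list:
    """Return (line_no, problem) tuples; an empty list means the file passes."""
    problems = []
    logical, start = "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        # Comments are stripped first; hash lists never contain '#'.
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if not logical:
            start = n
        # A requirement may continue across lines with a trailing backslash,
        # which is how pip-compile lays out multi-hash entries.
        if line.endswith("\\"):
            logical += line[:-1] + " "
            continue
        logical += line
        stmt, logical = logical, ""
        if stmt.startswith("-"):  # -r / -e / --index-url options: out of scope
            continue
        m = EXACT_PIN.match(stmt)
        if not m:
            problems.append((start, f"not pinned with ==: {stmt.split()[0]}"))
            continue
        if "--hash=sha256:" not in stmt:
            problems.append((start, f"no sha256 hash for {m.group(1)}=={m.group(3)}"))
    return problems


# Constructed sample: the four entries the report flagged.
UNPINNED = """\
pillow>=10.0.0
imageio>=2.31.0
imageio-ffmpeg>=0.4.9
numpy>=1.24.0
"""

# Constructed sample of the corrected form; digests are placeholders and the
# versions are illustrative, not a recommendation.
PINNED = """\
pillow==10.0.0 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
numpy==1.24.0 --hash=sha256:1111111111111111111111111111111111111111111111111111111111111111
"""


if __name__ == "__main__":
    for label, text in (("unpinned", UNPINNED), ("pinned", PINNED)):
        print(label, check_requirements(text))
```

A file in the `PINNED` shape can be produced from the loose constraints with `pip-compile --generate-hashes` (pip-tools) and must then be installed with `pip install --require-hashes -r requirements.txt`, which also fails closed if any single requirement lacks a hash.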
Full report: https://skillshield.io/report/a9a73e40d6ed29b9