Is gifgrep safe?
https://clawhub.ai/steipete/gifgrep
gifgrep is a benign documentation-only skill that wraps the gifgrep CLI tool for searching and downloading GIFs. It contains no executable code, no prompt injection attempts, and no data exfiltration mechanisms. The only notable observations are runtime-level reads of sensitive files (attributable to the OpenClaw platform, not the skill) and minor side-effect concerns around file downloads and API key references.
Category Scores
Findings (5)
LOW Runtime reads sensitive files during initialization -15 ▶
The OpenClaw runtime reads .env, .aws/credentials, and auth-profiles.json during skill installation. While this is runtime behavior (not skill-initiated), it means these files are loaded into the process memory space during audit.
LOW Skill references API key environment variables -10 ▶
SKILL.md documents GIPHY_API_KEY and TENOR_API_KEY environment variables. An agent following these instructions could inadvertently expose API keys in output if asked to troubleshoot or display configuration.
INFO Install metadata references external package sources -10 ▶
The metadata block specifies installation via steipete/tap/gifgrep (Homebrew) or github.com/steipete/gifgrep (Go module). These are external code sources, but installation is handled by the platform runtime, not by the skill directly.
LOW Download and Finder-reveal side effects -12 ▶
The --download flag writes GIF files to ~/Downloads and --reveal opens Finder. These are real filesystem and UI side-effects that could be triggered by an agent following skill instructions without explicit user confirmation.
INFO jiti transpilation cache created in /tmp -5 ▶
The OpenClaw runtime created transpiled CJS files in /tmp/jiti/ during initialization. This is standard jiti behavior for TypeScript transpilation caching and poses no security risk.