twitter-automation
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and directs the download of external resources and dependencies, including installation scripts and documentation hosted on
raw.githubusercontent.comandinference.shdomains. - [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to executebeltCLI commands. This includes authentication viabelt loginand the execution of specific social media automation tasks usingbelt app run. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes user-provided content for social media posts.
- Ingestion points: The
textandmedia_urlparameters in the JSON input for thebeltCLI commands. - Boundary markers: None present; user-supplied strings are interpolated into the command arguments.
- Capability inventory: Shell command execution via the
Bashtool to interact with the external platform. - Sanitization: No explicit sanitization or input validation is performed within the skill instructions.
Audit Metadata