find-twitter-influencers
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read API credentials from a local configuration file located at
~/.gooseworks/credentials.json.- [DATA_EXFILTRATION]: Extracted credentials from the local file are transmitted to an external service (api.gooseworks.ai) via theAuthorizationheader in subsequent network requests.- [COMMAND_EXECUTION]: The skill utilizes shell commands viapython3 -cto parse JSON files and extract specific configuration fields.- [EXTERNAL_DOWNLOADS]: The skill interacts with various third-party APIs (such as Brand.dev, Exa, Fiber, Scrape Creators, Hunter, and Tomba) through a vendor-controlled proxy. It also instructs the user to runnpx gooseworks login, which involves downloading and executing code from the npm registry.- [PROMPT_INJECTION]: The skill ingests untrusted text content from web search results to identify and extract influencer handles. - Ingestion points: Text content from Exa search results described in Step 3 and Step 4 of
SKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: The skill has access to shell execution (
python3) and network operations (curl) as described inSKILL.md. - Sanitization: The skill uses pattern-based extraction (e.g., matching
@usernameor profile URLs) which provides a layer of structural validation for the ingested data.
Audit Metadata