social-media-scraping-scrapecreators
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read sensitive API keys from
~/.gooseworks/credentials.jsonduring the setup phase. - [COMMAND_EXECUTION]: The skill uses
python3 -csubprocesses to parse JSON credential files and export environment variables. - [DATA_EXFILTRATION]: Extracted credentials are sent to
api.gooseworks.aivia the Authorization header in multiplecurlcommands to the platform's proxy. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted content from social media platforms (X/Twitter, LinkedIn, Instagram, TikTok) without explicitly defined sanitization or boundary markers.
- Ingestion points: Data is fetched from external social media profiles and posts via the
scrapecreatorsAPI. - Boundary markers: None identified in the provided instructions or shell commands.
- Capability inventory: The skill primarily performs network operations (
curl) to interact with the scraping API. - Sanitization: There is no evidence of content filtering or escaping before the scraped data is presented to the agent.
Audit Metadata