social-media-scraping-scrapecreators

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read sensitive API keys from ~/.gooseworks/credentials.json during the setup phase.
  • [COMMAND_EXECUTION]: The skill uses python3 -c subprocesses to parse JSON credential files and export environment variables.
  • [DATA_EXFILTRATION]: Extracted credentials are sent to api.gooseworks.ai via the Authorization header in multiple curl commands to the platform's proxy.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted content from social media platforms (X/Twitter, LinkedIn, Instagram, TikTok) without explicitly defined sanitization or boundary markers.
  • Ingestion points: Data is fetched from external social media profiles and posts via the scrapecreators API.
  • Boundary markers: None identified in the provided instructions or shell commands.
  • Capability inventory: The skill primarily performs network operations (curl) to interact with the scraping API.
  • Sanitization: There is no evidence of content filtering or escaping before the scraped data is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:18 AM
Security Audit — agent-trust-hub — social-media-scraping-scrapecreators