social-listening
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
orth runcommand to invoke specific tools (exa,scrapecreators,scrapegraph) for web searching and data extraction. This is a standard and safe way to utilize platform tools. - [EXTERNAL_DOWNLOADS]: The skill retrieves data from external platforms including Twitter, LinkedIn, and various web domains. These operations are performed via authorized tools for the purpose of research and sentiment analysis, rather than downloading executable code.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the web in SKILL.md.
- Ingestion points: Data enters the agent context via Exa search results and Scrape Creators social media feeds.
- Boundary markers: No specific delimiters or instructions are used to wrap the untrusted external content.
- Capability inventory: The skill uses
orth runto execute defined tools; it does not possess arbitrary shell execution or file-system modification capabilities. - Sanitization: There is no evidence of filtering or sanitization of the scraped content before it is processed by the agent.
Audit Metadata