keyapi-instagram-content-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with the remote vendor API at `https://mcp.keyapi.ai` to facilitate content discovery and retrieve engagement metrics. This connection is consistent with the skill's stated purpose and is documented in the setup instructions.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests and processes untrusted user-generated content (e.g., post captions, comments, and Reel descriptions) from Instagram.
  - Ingestion points: Untrusted content enters the agent's context through tools like `get_post_comments`, `get_post_info`, and `get_posts_by_hashtag` via the `scripts/run.js` utility.
  - Boundary markers: The skill instructions lack explicit boundary markers or instructions to the agent to disregard embedded commands in the retrieved content.
  - Capability inventory: The skill environment permits the agent to execute local scripts, perform network requests to the vendor server, and manage local file system access via a cache directory.
  - Sanitization: No sanitization or validation mechanisms are implemented to filter or escape the retrieved Instagram content before it is processed.
Audit Metadata