postiz
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The CLI implementation uses shell commands to facilitate the OAuth2 device authorization flow by opening the system default web browser (src/commands/auth.ts).
- [DATA_EXFILTRATION]: The skill provides the ability to read local media files and upload them to the Postiz API for social media publishing; this behavior is aligned with the tool's primary purpose (src/commands/upload.ts).
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the agent retrieves and processes untrusted external content from social media platforms. Ingestion points: Social media content and analytics retrieved via 'posts:list' and 'analytics:*' commands. Boundary markers: No specific delimiters or boundary markers were identified in the instruction set. Capability inventory: The skill has network access (API requests), file system access (media uploads), and subprocess execution capabilities (opening browser). Sanitization: No explicit sanitization or filtering of external platform data was identified.
Audit Metadata