baoyu-danger-x-to-markdown

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Categories flagged: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local TypeScript files using the bun runtime or via npx if bun is not installed.
  • [EXTERNAL_DOWNLOADS]: Fetches media assets (images and videos) from X's content delivery networks (pbs.twimg.com, video.twimg.com) to store them locally when the --download-media flag is used.
  • [EXTERNAL_DOWNLOADS]: May use npx to download the bun execution environment if it is missing from the system.
  • [SAFE]: Contains a hardcoded bearer token in scripts/constants.ts, which is identified as the well-known public guest token for X's API and does not represent a credential leak.
  • [SAFE]: Implements a transparent consent mechanism that requires the user to acknowledge the risks of using a reverse-engineered API before the tool becomes operational.
  • [SAFE]: Uses the Chrome DevTools Protocol (CDP) to capture authentication cookies from a running browser session so that authenticated content can be scraped. The cookies are stored locally in the user's data directory for session persistence; they are live session credentials, so anything able to read that directory can reuse the X session.
  • [PROMPT_INJECTION]: The skill ingests untrusted content from X (tweets and articles) and writes it into the generated markdown, so an indirect prompt injection surface exists: text crafted by a post's author could influence an agent that later reads those files and treats the embedded text as instructions rather than as data.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 05:27 PM