feedgrab-batch
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute the
feedgrabCLI tool with various parameters to fetch content from platforms like X (Twitter), YouTube, and WeChat. This is the primary intended function of the skill. - [CREDENTIALS_UNSAFE]: While the skill mentions the use of API keys (e.g.,
YOUTUBE_API_KEY,TWITTERAPI_IO_KEY) and session cookies, it correctly instructs the user to configure these via environment variables or a login command (feedgrab login). No hardcoded credentials or secrets are present in the skill file. - [EXTERNAL_DOWNLOADS]: The skill mentions a dependency on an external tool named
feedgrab. It provides instructions for checking its presence (which feedgrab) and refers to a setup process (/feedgrab-setup), but does not contain direct download or execution of untrusted scripts from the internet. - [INDIRECT_PROMPT_INJECTION]: The skill's primary purpose is to fetch bulk content from external, user-generated sources (social media posts, search results, etc.). This inherently creates an indirect prompt injection surface if the fetched content contains instructions that the agent might inadvertently follow.
- Ingestion points: Data fetched from X, YouTube, Xiaohongshu, WeChat, and Zhihu.
- Boundary markers: None specified in the provided markdown file.
- Capability inventory: Shell command execution via the
feedgrabutility. - Sanitization: Not explicitly handled within the skill's instruction set.
Audit Metadata