Skills
skills/inference-sh-skills/skills/ai-social-media-content/Gen Agent Trust Hub

ai-social-media-content

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes belt CLI commands via Bash to interact with various AI model endpoints for generating media and text.
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions for the belt CLI and recommends adding related skills from the inference-sh organization on GitHub.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its workflow of chaining outputs between different AI models.
  • Ingestion points: Data generated by language models (e.g., Claude) is saved to files like script.json and subsequently used as input prompts for downstream tools like kokoro-tts and omnihuman-1-5.
  • Boundary markers: No delimiters or instructions to ignore embedded commands are present when interpolating model-generated content into new prompts.
  • Capability inventory: The skill possesses the capability to execute shell commands (belt) and interact with external APIs, including social media platforms (twitter/post-tweet).
  • Sanitization: There is no evidence of sanitization or escaping of the content produced by LLMs before it is processed by subsequent tools in the pipeline.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 02:28 AM
Security Audit — agent-trust-hub — ai-social-media-content