twitter-thread-creation
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references a CLI installation script hosted on the vendor's GitHub repository to enable social media automation features.\n- [COMMAND_EXECUTION]: It employs the 'belt' CLI tool for executing social media operations, such as posting content and generating media from HTML.\n- [DATA_EXFILTRATION]: The skill transmits content to Twitter/X for posting, which is the primary intended function and core purpose of the skill.\n- [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill ingests and processes data from external websites via search and browsing tools to assist in content creation.\n
- Ingestion points: External data from web pages and search results retrieved via 'infsh/agent-browser' and 'tavily/search-assistant'.\n
- Boundary markers: Boundary markers or 'ignore' instructions for external data are absent in the skill instructions.\n
- Capability inventory: Capabilities include posting content to external social media platforms through shell command execution.\n
- Sanitization: No explicit sanitization or filtering mechanisms for external data were identified in the instructions.
Audit Metadata