x-thread
Pass
Audited by Gen Agent Trust Hub on Jul 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is composed entirely of natural language instructions and does not include any scripts, binaries, or executable commands. It functions as a prompt-based template for structured text generation.
- [DATA_EXFILTRATION]: The skill instructions include reading
social-context.mdand.agents/social-context.md. This is a benign pattern used to retrieve local user-defined branding rules (Voice, Audience, Pillars) and contains no logic for exfiltrating this data to external services. - [PROMPT_INJECTION]: The skill processes external data (source material like blog posts or notes) to generate threads.
- Ingestion points: Source material provided by the user and the local
social-context.mdfile. - Boundary markers: The instructions do not define specific delimiters for external content.
- Capability inventory: The skill has no capabilities to execute commands, write files, or perform network requests.
- Sanitization: No sanitization is performed, but the lack of high-privilege tools minimizes the risk of indirect prompt injection attacks.
Audit Metadata