baoyu-post-to-x
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple system-level commands across different platforms. On macOS, it uses
osascriptfor app activation and keystroke simulation. On Windows, it leverages PowerShell'sSendKeysandClipboardclasses. On Linux, it utilizesxdotoolorydotoolfor keyboard automation. It also includes instructions to usepkillandpgrepfor managing browser processes.\n- [COMMAND_EXECUTION]: Thecopy-to-clipboard.tsandcheck-paste-permissions.tsscripts dynamically generate Swift source code from hardcoded templates on macOS. This code is written to temporary files and executed using the localswiftinterpreter to handle rich-text and image clipboard operations.\n- [EXTERNAL_DOWNLOADS]: Themd-to-html.tsscript is designed to download remote images via HTTPS during the Markdown-to-HTML conversion process for X Articles. This allows the inclusion of remote assets in long-form posts.\n- [PROMPT_INJECTION]: The skill processes user-provided Markdown files through themd-to-html.tsscript, creating an indirect prompt injection surface. Ingestion occurs via Markdown file reading; capability inventory includes system command execution and browser control; sanitization is performed via themarkedlibrary; however, explicit boundary markers for content separation are absent.
Audit Metadata