mmk-threads
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'mmk' CLI tool to execute Threads-related operations. This tool is a vendor-provided resource from magic-meal-kits.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted data from Threads posts and replies. * Ingestion points: Untrusted data enters the context through the threads-posts and threads-replies sub-commands (SKILL.md). * Boundary markers: There are no specific delimiters or instructions provided to the agent to treat external content as data only. * Capability inventory: The skill has permission to execute bash commands through the 'mmk' CLI. * Sanitization: There is no documentation regarding the sanitization or filtering of the fetched social media content.
Audit Metadata