timeline-viewing
Warn
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs users to manually execute JavaScript in their browser developer console (e.g., src/timelineViewer.js). This is a high-risk practice, as it allows arbitrary code to run with the user's active session privileges on a sensitive platform like X.
- [DATA_EXFILTRATION]: The skill's primary purpose is to scrape personal timeline data. While it claims to export data locally as JSON, the lack of visibility into the underlying scripts means it cannot be confirmed that data is not also exfiltrated to an external server.
- [PROMPT_INJECTION]: The skill processes untrusted user-generated content from social media timelines. This creates an indirect prompt injection surface where malicious posts could influence the agent's behavior during analysis or extraction.
  * Ingestion points: Data is pulled from the live X timeline (x.com/home).
  * Boundary markers: The skill does not define markers or instructions to ignore embedded commands in the scraped data.
  * Capability inventory: Scraped data is collected and exported.
  * Sanitization: No sanitization logic is mentioned for the processed tweet content.
- [NO_CODE]: The core functionality of the skill is contained in the referenced files src/timelineViewer.js and src/timelineScraper.js, which are missing from the analyzed package, making it impossible to verify their safety.
Audit Metadata