tweetsmash-api

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill is designed to interact with the official TweetSmash API. It recommends using the TWEETSMASH_API_KEY environment variable for authentication, which is a secure practice for managing API credentials.
  • [COMMAND_EXECUTION]: The skill includes a local script, scripts/build-bookmarks-url.py, which is used to generate properly encoded URLs for API queries. This script uses standard Python libraries and does not perform any network operations or external code execution.
  • [DATA_EXFILTRATION]: All network requests are directed to the service's official domain at api.tweetsmash.com. There is no evidence of sensitive data being sent to unauthorized or unknown external domains.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:28 AM
Security Audit — agent-trust-hub — tweetsmash-api