fetch-tweet

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to api.fxtwitter.com to retrieve tweet data. This is a well-known and widely used service for accessing tweet content as plain JSON, avoiding the complexities of the official API and JavaScript rendering requirements.
  • [PROMPT_INJECTION]: The skill processes content from an external source (tweet text), which creates a surface for indirect prompt injection. If a fetched tweet contains instructions intended to manipulate the agent, it could influence behavior. This is a standard risk for web-fetching tools.
    • Ingestion points: Tweet text and metadata returned from WebFetch in SKILL.md.
    • Boundary markers: Absent; the skill does not explicitly wrap fetched content in delimiters.
    • Capability inventory: Uses WebFetch for network access.
    • Sanitization: None; the skill presents the raw text of the tweet.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 04:59 PM
Security Audit — agent-trust-hub — fetch-tweet