postey
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices. It manages API credentials using secure file permissions (0o600) and environment variables. It explicitly instructs the AI agent not to search for credentials in unauthorized locations like system keychains or history files.
- [COMMAND_EXECUTION]: The scripts utilize local utilities such as
ffmpeg,yt-dlp, andwhisperto process video content. These are executed using secure subprocess methods (spawnSyncwith argument arrays), which prevents shell injection vulnerabilities. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content by transcribing external videos.
- Ingestion points: Untrusted data enters the context via the transcript output of
video2post.js(collected inSKILL.mdandvideo2post.js). - Boundary markers: The skill provides clear 'Automation Guidelines' and a 'Caption Generation Guide' to define how the agent should handle and transform this data.
- Capability inventory: The skill can post content to social media APIs and read/write local configuration files.
- Sanitization: The skill relies on the agent to interpret the transcript as raw data and manually apply the provided formatting rules before publishing, reducing the risk of malicious instructions being executed as commands.
- [DATA_EXFILTRATION]: Network operations are restricted to the vendor's documented domains (
postey.ai,postey.com). The use of OAuth for authentication is implemented correctly with local callback handling.
Audit Metadata