social-media-extractor
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
node:child_processto execute external tools such asffmpegandpython3 -m yt_dlp. These executions are essential for its core functionality of media processing and downloading, and commands are properly quoted to prevent shell injection. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download of video content from various social media platforms using the well-known
yt_dlputility based on provided manifest files. - [DATA_EXFILTRATION]: Authentication session tokens and operational requests are transmitted to the vendor's hosted API (api.postplus.com). This communication is part of the official PostPlusAI service infrastructure and is consistent with the skill's purpose.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes data from social media platforms and handles local markdown files. The implementation includes boundary markers (e.g.,
<!-- postplus:block -->) and data validation logic to mitigate the risk of embedded instructions influencing agent behavior.
Audit Metadata