social-media-extractor

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses node:child_process to execute external tools such as ffmpeg and python3 -m yt_dlp. These executions are essential for its core functionality of media processing and downloading, and commands are properly quoted to prevent shell injection.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of video content from various social media platforms using the well-known yt_dlp utility based on provided manifest files.
  • [DATA_EXFILTRATION]: Authentication session tokens and operational requests are transmitted to the vendor's hosted API (api.postplus.com). This communication is part of the official PostPlusAI service infrastructure and is consistent with the skill's purpose.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes data from social media platforms and handles local markdown files. The implementation includes boundary markers (e.g., <!-- postplus:block -->) and data validation logic to mitigate the risk of embedded instructions influencing agent behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:14 AM
Security Audit — agent-trust-hub — social-media-extractor