twitter-reader
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches data from the Jina AI Reader API, a well-known service for converting web content to Markdown.
- [COMMAND_EXECUTION]: The skill uses curl to interact with the Jina API. The Python script uses subprocess.run with a list of arguments, which prevents shell injection. The scripts validate that URLs start with approved x.com or twitter.com prefixes.
- [CREDENTIALS_UNSAFE]: The skill correctly handles the JINA_API_KEY by using environment variables or a .env file rather than hardcoding credentials.
- [PROMPT_INJECTION]: The skill retrieves untrusted content from Twitter.
  1. Ingestion points: Data is fetched via curl in scripts/fetch_tweet.py and scripts/fetch_tweets.sh.
  2. Boundary markers: Absent.
  3. Capability inventory: The skill has network access and file-write capabilities.
  4. Sanitization: Absent.
  This represents an indirect prompt injection surface inherent to data retrieval tasks.
Audit Metadata