influencer-prospecting

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected.
  • [SAFE]: Secure credential management via environment variables for the vendor API key.
  • [PROMPT_INJECTION]: The skill processes untrusted content from social media platforms, creating a surface for indirect prompt injection.
  • Ingestion points: Social media profile and search data (TikTok, Instagram, YouTube) fetched via WebFetch in SKILL.md instructions.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided.
  • Capability inventory: Access to Bash, Write, and WebFetch tools.
  • Sanitization: No explicit data validation or sanitization of external content is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 07:56 AM
Security Audit — agent-trust-hub — influencer-prospecting