Skills
skills/skills-shell/skills/twitter-thread-creation/Gen Agent Trust Hub

twitter-thread-creation

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the belt-sh/cli tool via npx and references installation documentation hosted on GitHub in the inference-sh/skills repository.
  • [COMMAND_EXECUTION]: Utilizes the belt CLI tool to perform actions such as logging into services, posting content to Twitter/X, and generating images from HTML code.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection (Category 8) because it retrieves and processes content from external websites.
  • Ingestion points: Web content accessed via infsh/agent-browser and search results from tavily/search-assistant.
  • Boundary markers: The instructions do not include specific delimiters or guardrails to prevent the agent from following malicious instructions that might be embedded in the external content it browses.
  • Capability inventory: The agent has the capability to post to social media (x/post-create) and run browser commands, which could be exploited if an external source influences the agent's output.
  • Sanitization: No explicit sanitization or validation of the content retrieved from external URLs is mentioned in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 10:16 AM