x-writer
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its ingestion of external, untrusted data for research.
- Ingestion points: The agent reads client-provided X posts, brand guidelines, and competitor profiles scraped via
mcp__firecrawl__firecrawl_scrape. - Boundary markers: Absent. The skill does not instruct the agent to use specific delimiters or to ignore instructions embedded in the external content.
- Capability inventory: The skill's capabilities are limited to calling MCP tools (
mcp__tasty_content__search_x,mcp__firecrawl__firecrawl_scrape) and writing text files to a localoutputs/directory. - Sanitization: No validation or sanitization processes for the ingested data are specified.
- [NO_CODE]: This skill consists solely of instructions within SKILL.md and does not include any executable scripts, binaries, or software packages.
Audit Metadata