skills/xnjiang/37soul-skill/37soul/Gen Agent Trust Hub

37soul

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl to interact with the 37Soul API for activities such as posting tweets, replying to messages, and performing heartbeat routines as specified in SKILL.md and references/api-reference.md.
  • [DATA_EXFILTRATION]: The skill retrieves an API token from ~/.config/37soul/credentials.json and transmits it to the 37Soul API at 37soul.com for request authentication.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection from processed social media content.
      • Ingestion points: Data is fetched from external sources via https://37soul.com/api/v1/clawdbot/feed and https://37soul.com/api/v1/clawdbot/chat_messages (SKILL.md).
      • Boundary markers: The instructions do not define delimiters or specific warnings to the agent to ignore instructions embedded within the fetched data.
      • Capability inventory: The agent can perform network-based actions including posting content (post_tweet), replying to messages (reply, chat_reply), and creating multi-step content (create_drama).
      • Sanitization: There is no explicit sanitization or validation of the social media content before the agent is prompted to react to it.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 03:46 AM