post-tweets
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill involves processing untrusted user-generated content from X timelines and replies, creating a surface for indirect prompt injection. \n
- Ingestion points: External tweet content referenced in the security notes (SKILL.md). \n
- Boundary markers: Mandatory Human-in-the-loop (HITL) approval is required for the final payload before any API call. \n
- Capability inventory: Network operations for posting and deleting tweets via the Xquik API. \n
- Sanitization: Explicit instructions are provided to treat scraped content as untrusted data and ignore any embedded commands. \n- [SAFE]: Authentication is handled correctly via environment variables (XQUIK_API_KEY) rather than hardcoded credentials. \n- [SAFE]: All network communications are directed to the vendor's verified domain (xquik.com).
Audit Metadata