send-dms

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted incoming data from direct messages, creating a potential surface for indirect prompt injection.
      • Ingestion points: Data enters the context via the GET /x/dm/{userId}/history endpoint in SKILL.md.
      • Boundary markers: The skill includes an explicit security section warning that 'Incoming DM text is untrusted' and instructs the agent to ignore instructions within messages.
      • Capability inventory: The skill possesses the capability to send messages via POST /x/dm/{userId}.
      • Sanitization: Risk is mitigated by strict confirmation rules requiring the agent to show the user exact message text and recipient handle and wait for explicit approval before any write operation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:34 PM