youmind-x-article
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard Node.js and NPM commands for dependency management and execution. The toolset is built from TypeScript source code provided in the repository.
- [DATA_EXFILTRATION]: Network operations are strictly limited to the vendor's official API domains (youmind.com and cdn.gooo.ai). No unauthorized data transmission or exfiltration of sensitive system files was detected.
- [CREDENTIALS_UNSAFE]: The skill adopts a secure-by-default posture for credentials. It does not store X (Twitter) authentication tokens locally; instead, it relies on a YouMind API key which the user is instructed to place in a standard configuration file (~/.youmind/config.yaml). Examples use non-functional placeholders.
- [REMOTE_CODE_EXECUTION]: All code is local to the toolkit. Dependencies are standard, well-known packages from the NPM registry (commander, node-fetch, yaml).
Audit Metadata