x-blogger-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the
playwrightlibrary for automated browser interactions. This is a standard and trusted library maintained by Microsoft. - [COMMAND_EXECUTION]: The skill runs a local Python script,
scripts/fetch_tweets.py, to collect public data from X/Twitter profile pages. This execution is central to the skill's documented functionality. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it ingests and processes untrusted external data (tweets) for analysis.
- Ingestion points: Content is retrieved from public X/Twitter pages via
scripts/fetch_tweets.pyor provided manually by the user. - Boundary markers: The skill does not employ specific delimiters or instructions to ignore embedded commands within the fetched content.
- Capability inventory: The skill includes file system writes to generate reports and local script execution capabilities.
- Sanitization: There is no evidence of filtering or escaping external data before it is passed to the AI for analysis.
Audit Metadata