instagram-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection as it processes untrusted data from Instagram. • Ingestion points: The skill retrieves user-generated comments using the
INSTAGRAM_GET_IG_MEDIA_COMMENTStool. • Boundary markers: There are no instructions to use delimiters or ignore embedded commands within the processed data. • Capability inventory: The skill possesses significant capabilities, including the ability to publish posts and manage media containers. • Sanitization: No sanitization or validation of the retrieved comment data is described in the provided workflows. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to configure an external MCP server at
https://rube.app/mcp. This third-party endpoint is required for the Instagram toolkit but involves sending data to a non-standard external service. - [NO_CODE]: No executable script files (.py, .js, .sh) are included in the skill; it consists purely of markdown-based tool usage instructions and configuration.
Audit Metadata