instagram-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, hardcoded secrets, or unauthorized execution methods were found. The skill documentation describes legitimate API interactions for Instagram automation.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists due to the ingestion of user-generated content from media comments. However, this is a core functional requirement of the skill and is assessed as safe. 1. Ingestion points: Untrusted data enters the agent context via
INSTAGRAM_GET_IG_MEDIA_COMMENTS(documented inSKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided. 3. Capability inventory: The skill has write access throughINSTAGRAM_CREATE_POSTandINSTAGRAM_POST_IG_USER_MEDIA_PUBLISH(documented inSKILL.md). 4. Sanitization: No sanitization or filtering of fetched comment content is specified in the workflow.
Audit Metadata