twitter-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a pure documentation/instruction file (SKILL.md) with no executable code or scripts attached.
- [EXTERNAL_DOWNLOADS]: The skill references an external MCP server endpoint (https://rube.app/mcp). This is a configuration step for the user's agent and does not involve the skill itself downloading or executing remote code at runtime. This is considered a standard integration pattern for MCP-based skills.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or secrets were found. The skill correctly directs users to complete an OAuth flow through the
RUBE_MANAGE_CONNECTIONStool rather than asking for manual credential entry. - [COMMAND_EXECUTION]: There are no shell commands, subprocess calls, or system-level operations defined in the skill.
- [DATA_EXFILTRATION]: The skill manages Twitter data (posts, searches, bookmarks) through defined tool interfaces. No suspicious network patterns or unauthorized data transmission logic was detected.
- [PROMPT_INJECTION]: The instructions are focused on tool sequence and parameter handling for Twitter automation. No patterns attempting to bypass safety filters or override system instructions were found.
Audit Metadata