Skills
skills/aaaaqwq/agi-super-team/x-articles/Gen Agent Trust Hub

x-articles

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/publish-article.sh invokes the agent-browser CLI tool to perform automated actions within a web browser, including navigation and UI interaction.
  • [COMMAND_EXECUTION]: The script scripts/publish-article.sh uses the pbcopy command to move data from the article file to the system clipboard.
  • [EXTERNAL_DOWNLOADS]: The skill requires the agent-browser package, which must be installed from a standard public registry (NPM).
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) due to the way it handles external content.
  • Ingestion points: Untrusted article content is read from local files by scripts/format-for-x.sh and scripts/publish-article.sh.
  • Boundary markers: The processing flow lacks delimiters or specific instructions to ignore embedded agent commands within the text.
  • Capability inventory: The skill uses agent-browser to control a logged-in X (Twitter) account and can execute JavaScript via the evaluate method to interact with the page DOM.
  • Sanitization: There is no sanitization or verification logic to ensure the article content does not contain instructions designed to manipulate the agent's browser automation behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 07:00 AM