Skills
skills/aaaaqwq/claude-code-skills/instagram-automation/Gen Agent Trust Hub

instagram-automation

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires connecting to an external MCP server (https://rube.app/mcp) from an unverified third-party source. While this introduces a remote dependency risk, the verdict severity is lowered because this dependency is the primary mechanism of the skill. \n- PROMPT_INJECTION (LOW): The skill processes untrusted data, creating a surface for indirect prompt injection. \n
  • Ingestion points: Untrusted content is read via INSTAGRAM_GET_IG_MEDIA_COMMENTS and INSTAGRAM_GET_IG_USER_MEDIA (SKILL.md). \n
  • Boundary markers: No delimiters or instructions are provided to isolate untrusted data or prevent the agent from following commands embedded in content. \n
  • Capability inventory: The agent can perform impactful actions like INSTAGRAM_CREATE_POST (SKILL.md) which could be misused if an injection occurs. \n
  • Sanitization: No sanitization of ingested comment content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 20, 2026, 03:10 PM