media-auto-publisher
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The script
scripts/cookie_manager.pyhandles sensitive authentication cookies for multiple platforms. It includes functionality to add, list, and export these cookies in plaintext, which could lead to account hijacking if the terminal output or the local storage file is accessed by an attacker. - [DATA_EXFILTRATION]: The skill accesses the user's home directory to read and write session cookies to
~/.claude/media-auto-publisher/cookies.json. Accessing sensitive files or creating credential stores in the home directory is flagged as a data exposure risk. - [PROMPT_INJECTION]: The skill uses web snapshots to identify page elements and handle popups, creating an indirect prompt injection surface where external web content could influence the agent's behavior. Ingestion points: Page snapshots are processed in
media_publisher.pyandplatform_navigator.py. Boundary markers: None present. Capability inventory: The agent can navigate, click, and fill forms via Playwright MCP tools. Sanitization: No sanitization or safety checks are performed on the content parsed from external page snapshots. - [COMMAND_EXECUTION]: The skill requires the agent to execute local Python scripts (
media_publisher.py,cookie_manager.py) to perform its primary functions.
Audit Metadata