crosspost
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted source content for distribution across multiple platforms, creating a surface for indirect prompt injection. * Ingestion points: User-provided content for cross-posting (SKILL.md). * Boundary markers: Absent; the skill does not define specific delimiters to separate user content from system instructions. * Capability inventory: Has the ability to post content to external APIs using the
requestslibrary and other platform skills likex-api(SKILL.md). * Sanitization: No sanitization or validation of the input content is described before posting. - [DATA_EXFILTRATION]: The skill includes code patterns that perform network operations to an external domain. * Evidence: The Python example uses
requests.postto send data tohttps://your-crosspost-service.example/api/posts(SKILL.md).
Audit Metadata