twitter-thread-writer
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface due to its reliance on external data. 1. Ingestion points: The skill uses
web_searchto gather information on products and competitors in SKILL.md. 2. Boundary markers: No explicit markers or instructions are provided to the agent to treat search results as untrusted or to ignore embedded instructions. 3. Capability inventory: The skill is restricted to text generation and formatting for social media; it does not possess capabilities for file system manipulation, code execution, or network exfiltration. 4. Sanitization: There is no process defined for sanitizing or validating the content retrieved from web searches before it is incorporated into the thread generation workflow.
Audit Metadata