fetch-tweet

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs outbound network requests to api.fxtwitter.com to retrieve tweet metadata and content. While this is necessary for the skill's purpose, it involves communication with a non-whitelisted third-party service.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing untrusted data from X/Twitter.
      • Ingestion points: External tweet text is retrieved from the api.fxtwitter.com API.
      • Boundary markers: The skill does not specify the use of delimiters or 'ignore' instructions for the fetched content to prevent the agent from interpreting it as instructions.
      • Capability inventory: The skill aggregates and processes (translates/analyzes) remote content, creating a surface where malicious text could influence the agent's behavior.
      • Sanitization: There is no evidence of sanitization, escaping, or filtering of the retrieved tweet text before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 11:03 AM