farcaster
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill processes untrusted data from the Farcaster social network, which introduces a surface for indirect prompt injection.
- Ingestion points: Social media content is ingested through
/fc feed,/fc search, and/fc usercommands defined inSKILL.md. - Boundary markers: There are no defined delimiters or instructions to isolate retrieved content from the agent's core instructions.
- Capability inventory: The skill provides the ability to perform actions based on processed data, such as
/fc post,/fc reply, and/fc follow. - Sanitization: No content filtering or instruction-detection mechanisms are specified in the skill configuration.
- NO_CODE (SAFE): The skill consists of markdown and YAML configuration without any embedded Python, Node.js, or shell scripts.
- CREDENTIALS_UNSAFE (SAFE): The skill utilizes environment variables (NEYNAR_API_KEY, NEYNAR_SIGNER_UUID) for authentication and does not contain any hardcoded secrets.
Audit Metadata