x-mentor-skill-nuwa
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input when the user pastes tweets for review or provides account data for diagnostics, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: User-pasted tweet content in Scenario B and pasted account export data in Scenario E.
- Boundary markers: Absent; there are no instructions to the agent to disregard embedded commands in the processed data.
- Capability inventory: The skill facilitates file writing to the local
user-data/directory and potentially uses browser tools to collect data. - Sanitization: No sanitization or validation of external content is specified before the agent processes or saves the data.
Audit Metadata