baoyu-post-to-x
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
node:child_processmodule to interact with system-level utilities for cross-platform functionality. It executesosascripton macOS for window activation and keystroke simulation,powershell.exeon Windows for clipboard management and keystrokes, and tools likexcliporwl-copyon Linux. It also spawns Google Chrome or Chromium instances with remote debugging enabled to facilitate automation via the Chrome DevTools Protocol (CDP). - [EXTERNAL_DOWNLOADS]: The
md-to-html.tsscript features functionality to download remote images linked in Markdown files. These files are retrieved using standard Node.jshttpandhttpsmodules and stored in a temporary directory before being processed for upload to X. - [DYNAMIC_EXECUTION]: For macOS compatibility, the skill dynamically generates and executes a Swift script (
clipboard.swift) at runtime. This script is used to perform advanced clipboard operations involving rich text (HTML) and image data through the AppKit framework, which are otherwise difficult to achieve via standard CLI tools. - [VULNERABILITY_SURFACE]: The skill processes user-provided Markdown files and external images. While the logic focuses on converting this content for publication on X, the ingestion of external data constitutes an indirect prompt injection surface. The agent should verify the source of Markdown files to prevent the unintended publication of malicious content or instructions.
Audit Metadata