thread-writer
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill attempts to read a local configuration file at .agents/social-media-context.md. This is used to maintain consistent voice and tone based on user preferences and does not constitute unauthorized data access.
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to use the create_post tool to publish threads. This behavior is consistent with the skill's primary function and relies on the user's connected integrations.
- [PROMPT_INJECTION]: The skill processes user-supplied notes and articles as input for content generation, which presents a surface for indirect instructions. 1. Ingestion points: User-provided topics and notes mentioned in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Use of the create_post tool. 4. Sanitization: No explicit sanitization of ingested content is mentioned.
Audit Metadata