x-twitter-growth
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill is composed of data processing scripts and documentation focused on Twitter/X growth strategies.
- [COMMAND_EXECUTION]: The Python scripts (growth_tracker.py, thread_builder.py, tweet_analyzer.py) use standard libraries for file parsing and statistics. They do not utilize subprocesses, shell commands, or other risky execution sinks.
- [DATA_EXFILTRATION]: No network-related modules (e.g., requests, urllib, socket) are present in the code. The skill does not possess the capability to transmit data externally, and no hardcoded credentials were found.
- [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection as it ingests external CSV and text files. However, the risk is negligible as the skill lacks exploitable capabilities like network access or system modification.
- Ingestion points: scripts/tweet_analyzer.py, scripts/thread_builder.py, and scripts/growth_tracker.py ingest data via command-line file arguments.
- Boundary markers: Data is parsed using standard CSV and JSON libraries; no specific injection-prevention delimiters are present.
- Capability inventory: Functionality is limited to text analysis and printing metrics to the console.
- Sanitization: Data is handled as literal strings without downstream interpretation or execution.
Audit Metadata