x-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill workflow involves executing multiple local Python scripts via shell commands (e.g., fetch_tweets.py, analyze_posts.py). While these are internal scripts, shell execution is a privileged operation.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill requires standard, verifiable Python packages including apify-client, google-genai, and python-dotenv. No suspicious or unversioned remote script downloads were detected.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it ingests and processes untrusted content from X/Twitter. 1. Ingestion points: fetch_tweets.py scrapes tweet data via the Apify API. 2. Boundary markers: No delimiters or instruction-ignore warnings are present in the processing logic. 3. Capability inventory: The skill has the ability to execute subprocesses and write files to the local disk. 4. Sanitization: The provided scripts do not show sanitization of tweet content before it is likely used in LLM-based analysis or reporting.
Audit Metadata