tweet-draft-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a bash script with `find` and `grep` to search for unreviewed markdown files in the local `content/tweet-drafts/` directory. This is a routine operation for the skill's batch-processing feature.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes content from external files.
  - Ingestion points: Markdown files in the `content/tweet-drafts/` folder and direct user-pasted text.
  - Boundary markers: None; the skill does not explicitly instruct the agent to ignore instructions contained within the draft text.
  - Capability inventory: Restricted to local file discovery and reading via the bash tool. No network access, file writing, or administrative commands are present.
  - Sanitization: None; draft content is processed directly to evaluate style rules.
Audit Metadata