x-posting
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
lsto browse the local content database and runspython3 agents/post_tweet.pyto trigger social media posts. - [EXTERNAL_DOWNLOADS]: The skill performs network requests to
getlate.devfor account management and scheduling. This external communication is integral to the skill's social media management purpose. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing external data from podcasts, blogs, and search results without sanitization. Ingestion points: Master Content Database and web searches (SKILL.md). Boundary markers: Absent in sub-agent prompts. Capability inventory: shell command execution, Python script execution, and network API requests (SKILL.md). Sanitization: No data validation or escaping is applied to the ingested content.
Audit Metadata