twitter-automation

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the registration of an external MCP server at https://rube.app/mcp. This domain and organization (Rube/Composio) are not included in the Trusted External Sources list. Registering a third-party MCP server allows that server to receive all prompt data intended for the tools and potentially intercept sensitive social media tokens or content.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). It retrieves untrusted data from Twitter that could contain malicious instructions.
      • Ingestion points: TWITTER_RECENT_SEARCH, TWITTER_USER_LOOKUP_BY_USERNAME, and TWITTER_BOOKMARKS_BY_USER tools.
      • Boundary markers: Absent. The instructions do not specify the use of delimiters or warnings to ignore instructions within the retrieved data.
      • Capability inventory: The skill has high-impact capabilities including TWITTER_CREATION_OF_A_POST, TWITTER_POST_DELETE_BY_POST_ID, and media uploads.
      • Sanitization: Absent. There is no mention of filtering or escaping content retrieved from the Twitter API before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 08:18 AM