Skills
skills/deletexiumu/agentskills-hub/x-ai-digest/Gen Agent Trust Hub

x-ai-digest

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted content from X platform posts and uses an LLM to generate summaries and 'reply suggestions'.
  • Ingestion points: references/scraping-guide.md extracts tweet content using the [data-testid="tweetText"] selector.
  • Boundary markers: No specific delimiters or safety instructions are used in assets/digest-template.md to prevent the LLM from obeying instructions embedded within scraped tweets.
  • Capability inventory: The skill performs file system writes (Markdown, JSON, PNG) and network operations (via browser automation).
  • Sanitization: No sanitization or filtering of scraped tweet text is implemented before interpolation into the prompt for digest generation.
  • [EXTERNAL_DOWNLOADS] (LOW): Dependency on external tools and binaries.
  • The skill requires the dev-browser skill and playwright package.
  • It executes npm run start-extension and launches a Chromium instance to render and screenshot HTML templates.
  • While Playwright is a standard library, it involves the execution of external browser binaries.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:09 PM