x-cli
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a pre-installed CLI tool named 'x' to interact with the X API. All commands shown are standard for social media management and do not exhibit malicious patterns.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it reads untrusted content from the X platform (e.g., via 'x timeline', 'x mentions', or 'x search' in SKILL.md). While the skill itself is safe, the agent should be configured to treat data returned from these commands as untrusted to prevent potential injection attacks that could leverage the skill's write capabilities like 'x tweet' or 'x follow' (also in SKILL.md). Evidence: 1. Ingestion points: 'x timeline', 'x mentions', 'x search' in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: 'x tweet', 'x follow', 'x delete' in SKILL.md. 4. Sanitization: Absent.
Audit Metadata