x-post-creator-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed exclusively of text-based reference files and instructional markdown. No Python, Node.js, shell scripts, or binary executables are included.
- [DATA_EXFILTRATION] (SAFE): There are no network-enabled commands, hardcoded credentials, or references to sensitive system file paths. All operations are local to the provided text context.
- [PROMPT_INJECTION] (SAFE): Analysis of the instructions reveals no patterns intended to bypass agent safety filters, extract system prompts, or override core safety guidelines. The instructions focus on medical accuracy and tone.
- [Indirect Prompt Injection] (SAFE): The skill features a feedback loop in
references/feedback-log.mdwhich stores untrusted user input. While this creates a theoretical surface for indirect injection, it is considered safe because the skill has zero functional capabilities or tools for an attacker to leverage. - Ingestion points:
references/feedback-log.mdvia the Feedback Integration Protocol. - Boundary markers: Absent; user feedback is incorporated into future generations without explicit delimiters.
- Capability inventory: None; the skill has no access to the shell, filesystem (beyond provided files), or network.
- Sanitization: Absent; the protocol instructs the agent to apply feedback immediately to future outputs.
Audit Metadata