my-fetch-tweet
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches tweet content and metadata from
api.fxtwitter.com. This is a well-known and widely used service for retrieving Twitter data in a structured format for embeds and previews. - [PROMPT_INJECTION]: Since the skill processes external tweet content, it possesses an indirect prompt injection surface. Malicious instructions contained within a fetched tweet could potentially influence the summary or translation results. This is an inherent risk of any data-fetching skill and is documented as a vulnerability surface rather than an active exploit.
- [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration was detected. The network requests are limited to the specified API and are used solely to fetch public social media data.
Audit Metadata