Skills
skills/extruct-ai/gtm-skills/post-engagers/Gen Agent Trust Hub

post-engagers

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches data from external LinkedIn scraping services including Apify, Phantombuster, and various providers on RapidAPI.
  • [COMMAND_EXECUTION]: Utilizes the Anysite MCP tool to perform automated LinkedIn scraping operations.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection as it ingests and processes untrusted content (comments and headlines) from LinkedIn profiles.
  • Ingestion points: LinkedIn post comments, reactions, and user profile headlines fetched from external scraping providers (SKILL.md).
  • Boundary markers: Missing explicit delimiters or instructions to ignore embedded commands within the scraped text.
  • Capability inventory: Ability to write data to local CSV files and perform network operations via the extruct-api skill (SKILL.md).
  • Sanitization: No evidence of automated sanitization, escaping, or validation of the scraped text before it is processed for classification or displayed to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 02:42 PM