postiz
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No security issues detected. The skill follows best practices for a CLI-based API wrapper, utilizing environment variables for secrets and providing transparent command implementations.
- [COMMAND_EXECUTION]: The skill operates by executing the
postizCLI via Bash. This is the intended behavior for providing social media automation capabilities to the AI agent. - [DATA_EXPOSURE]: The skill provides functionality to read local files via the
uploadcommand and the--jsonflag inposts:create. This access is controlled by the user or agent providing the specific file paths and is necessary for media handling and complex post configurations. - [PROMPT_INJECTION]: No evidence of malicious prompt injection or instructions to bypass safety filters was found in the skill metadata or instructional content.
Audit Metadata