hn-to-x-poster

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the Hacker News front page, creating a surface for indirect prompt injection.
      • Ingestion points: Titles and context are scraped from news.ycombinator.com as specified in SKILL.md.
      • Boundary markers: The workflow lacks delimiters or specific instructions to ignore embedded commands within the fetched data.
      • Capability inventory: The skill possesses the capability to automatically post content to x.com using the user's logged-in session via the chrome-devtools tool.
      • Sanitization: No sanitization, filtering, or validation of the Hacker News content is implemented before it is processed and posted.
  • [COMMAND_EXECUTION]: The skill uses chrome-devtools to automate browser interactions, including navigating to URLs, simulating keyboard input, and clicking UI elements to publish posts on x.com.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 01:18 PM