twitter-thread-creation

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
PROMPT_INJECTION COMMAND_EXECUTION EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it retrieves data from external sources that could contain malicious instructions. Specifically, it uses infsh/agent-browser to visit URLs and tavily/search-assistant to perform web searches, then uses that information to create content for the x/post-create tool.
      • Ingestion points: infsh/agent-browser and tavily/search-assistant in SKILL.md
      • Boundary markers: Absent
      • Capability inventory: x/post-create in SKILL.md
      • Sanitization: Absent
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI for posting tweets and generating images. It implements a principle of least privilege by using the allowed-tools frontmatter to restrict the Bash tool to only the infsh command prefix.
  • [EXTERNAL_DOWNLOADS]: The skill references CLI installation instructions from the author's GitHub repository (inference-sh/skills) and suggests adding related skills via npx. These are legitimate vendor resources used for environment setup and extending functionality.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 09:05 PM