twitter-automation
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill leverages the vendor's official CLI tool (
infsh) and redirects users to documentation and assets hosted on the vendor's verified domains (inference.sh,cloud.inference.sh). - [COMMAND_EXECUTION]: The skill uses the
infshcommand to interact with the Twitter/X API. This is the primary intended function of the skill and is constrained to the vendor's specific application ecosystem. - [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection through its content creation features.
- Ingestion points: Untrusted text data is ingested via the
textparameter in tools likex/post-tweet,x/post-create, andx/dm-send. - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided examples.
- Capability inventory: The skill possesses high-impact capabilities including posting public content, sending direct messages, and managing user followings.
- Sanitization: No sanitization or input validation logic is described in the skill metadata or instructions.
Audit Metadata