twitter-thread-creation
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill demonstrates the use of the
infshcommand-line utility for executing apps that post to X (Twitter), generate images, and browse the web. These tools are authorized in the skill metadata and are part of the vendor's official toolset. - [EXTERNAL_DOWNLOADS]: References the addition of other functional skills from the
inference-shrepository vianpx. As these originate from the skill's author, they are documented as trusted vendor resources. - [PROMPT_INJECTION]: The skill integrates tools such as
agent-browserandsearch-assistantwhich ingest data from the live web. This creates a surface for indirect prompt injection where malicious instructions on a third-party website could potentially influence the agent's behavior. - Ingestion points: External web content fetched via
infsh/agent-browserandtavily/search-assistant(SKILL.md). - Boundary markers: No specific boundary markers or "ignore embedded instructions" warnings are shown in the bash command examples.
- Capability inventory: The skill possesses the capability to post content to an external social media platform (Twitter/X) using the
x/post-createapp (SKILL.md). - Sanitization: No explicit sanitization or filtering of the ingested external data is demonstrated in the provided usage examples.
Audit Metadata