Skills
skills/lev-os/agents/lev-social/Gen Agent Trust Hub

lev-social

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documents dependencies on the postcrawl Python package and the bird CLI tool.
  • [COMMAND_EXECUTION]: Executes shell commands using bird for Twitter searches and curl for interacting with the Exa search API.
  • [COMMAND_EXECUTION]: Integrates with a local bd CLI tool for project tracking and management, which is consistent with the author's (lev-os) infrastructure.
  • [PROMPT_INJECTION]: The skill processes untrusted content from social media platforms, creating a potential surface for indirect prompt injection. (1) Ingestion points: Social media search results from bird and postcrawl. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic. (3) Capability inventory: The agent uses internal reasoning to synthesize data and the bd CLI to record findings. (4) Sanitization: There is no evidence of sanitization or filtering of the ingested social media content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:43 AM