analytics-insights

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references eighteen separate script files located in a 'src/' directory that are missing from the provided context, preventing a full security verification of the code.
  • [COMMAND_EXECUTION]: Users are directed to paste JavaScript into the browser console on x.com, granting the scripts full access to the user's authenticated session, cookies, and account functions.
  • [DATA_EXFILTRATION]: The scripts scrape profile data, follower lists, and engagement metrics; without source code, there is no verification that this data is not exfiltrated to an external server.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from X/Twitter profiles and timelines.
    1. Ingestion points: Tweets, follower bios, and account names.
    2. Boundary markers: No delimiters or ignore instructions are present.
    3. Capability inventory: Browser console scripts with session access.
    4. Sanitization: No sanitization or validation of the scraped data is documented.
  • [NO_CODE]: The analyzed package contains no executable logic, only documentation and references to missing external files.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 09:54 AM