content-repurposing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from an external platform (X/Twitter).
- Ingestion points: The skill ingests external content using the
x_get_tweetsworkflow to scan user timelines. - Boundary markers: There are no specified delimiters or instructions to the agent to ignore potentially malicious commands embedded within the fetched tweets.
- Capability inventory: The skill includes automation scripts like
src/autoPlugReplies.jswhich enable automated write actions (posting replies) based on processed content. - Sanitization: No sanitization, filtering, or verification logic is documented for the content before it is used to generate variations.
- [COMMAND_EXECUTION]: The skill relies on several local JavaScript scripts (e.g.,
src/contentRepurposer.js,src/tweetPerformance.js) to perform automated browser-based operations and data extraction onx.com.
Audit Metadata