follower-monitoring

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM. Flags: NO_CODE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill references several external JavaScript files located in a src/ directory (e.g., src/detectUnfollowers.js, src/monitorAccount.js, src/continuousMonitor.js) that are not provided within the skill's files. The logic of these scripts cannot be verified.
  • [COMMAND_EXECUTION]: The documentation instructs users to copy and paste code from these unverified source files directly into their browser's developer console while logged into a sensitive site (x.com). This 'Self-XSS' pattern is a common social engineering vector used to bypass browser security and gain access to user accounts or cookies.
  • [DATA_EXFILTRATION]: The skill is designed to scrape follower lists and demographics. While the documentation claims the scripts only save data to localStorage and local files (.txt, .json), the unverified nature of the scripts means they could potentially send this data to a remote server without the user's knowledge.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by scraping untrusted third-party content from social media profiles (names, bios, niches).
  • Ingestion points: Follower profiles and bios on x.com via DOM scraping.
  • Boundary markers: None present; data is extracted directly from the DOM.
  • Capability inventory: Access to localStorage, browser Notification API, Web Audio API, and file download triggers.
  • Sanitization: No mention of sanitization or filtering of the scraped content before processing or exporting.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 09:53 AM