baoyu-danger-x-to-markdown

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses node:child_process (spawn and execSync) to launch local Chrome browsers for authentication purposes and to resolve environment paths.
  • Evidence in scripts/cookies.ts shows the launchChrome function spawning a browser process with specific debugging flags (--remote-debugging-port, --user-data-dir).
  • Evidence in scripts/paths.ts shows execSync used to determine Windows paths when running under WSL.
  • [EXTERNAL_DOWNLOADS]: The skill downloads media assets (images and videos) from X servers to the local filesystem when the --download-media flag is used.
  • Evidence in scripts/media-localizer.ts shows a localizeMarkdownMedia function using fetch to retrieve remote binary data and node:fs/promises to save it to local directories (imgs/, videos/).
  • [PROMPT_INJECTION]: While the skill contains explicit instructions about handling user consent and blocking operations (found in SKILL.md and references/config/first-time-setup.md), these are part of the functional design and not an attempt to bypass system safety guidelines.
  • [CREDENTIALS_UNSAFE]: The skill manages authentication tokens (auth_token, ct0) by reading from and writing to local files (cookies.json). While it handles sensitive session data, there are no hardcoded secret keys or passwords in the source code; the tokens are dynamically retrieved or provided via environment variables.
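The EXTERNAL_DOWNLOADS finding above describes a localizer that fetches X media and writes it under imgs/ and videos/. What follows is an added example written for this audit page, not the skill's own scripts/media-localizer.ts, showing the controls a reviewer would expect around such a download-and-write path: an HTTPS host allowlist, a local filename built only from a sanitized basename plus a hash of the URL (so a hostile link cannot steer the write outside imgs/ or videos/ or overwrite a sibling file), MIME-type and size checks, and a writer that refuses any path resolving outside the output root. The host names pbs.twimg.com and video.twimg.com, the 50 MB cap, the extension lists and the injected fetcher interface are assumptions, not facts from the audited code.

```typescript
// Added example for review purposes; NOT the skill's scripts/media-localizer.ts.
// Assumptions (not taken from the audited code): X media is served from
// pbs.twimg.com / video.twimg.com, output dirs are imgs/ and videos/, and the
// caller injects a fetcher so the logic can be exercised offline.
import { createHash } from "node:crypto";
import { mkdir, writeFile } from "node:fs/promises";
import * as path from "node:path";

export const ALLOWED_MEDIA_HOSTS: ReadonlySet<string> = new Set(["pbs.twimg.com", "video.twimg.com"]);
export const MAX_MEDIA_BYTES = 50 * 1024 * 1024; // assumed cap; larger bodies are skipped, not saved
const IMAGE_EXT = new Set([".jpg", ".jpeg", ".png", ".gif", ".webp"]);
const VIDEO_EXT = new Set([".mp4"]);

export interface FetchedMedia { ok: boolean; status: number; contentType: string; body: Uint8Array }
export type Fetcher = (url: string) => Promise<FetchedMedia>;

// Only https to an allowlisted host is eligible; anything else is left as a remote link.
export function isAllowedMediaUrl(raw: string): boolean {
  let u: URL;
  try { u = new URL(raw); } catch { return false; }
  return u.protocol === "https:" && ALLOWED_MEDIA_HOSTS.has(u.hostname);
}

function safeDecode(s: string): string {
  try { return decodeURIComponent(s); } catch { return s; }
}

// Map a remote URL to "imgs/<stem>_<hash><ext>" or "videos/...", or null if not eligible.
export function planLocalPath(raw: string): string | null {
  if (!isAllowedMediaUrl(raw)) return null;
  const u = new URL(raw);
  // Only the last path segment is used and every char outside [A-Za-z0-9._-] is replaced,
  // so "../", percent-encoded slashes and control bytes cannot steer the write.
  const base = safeDecode(u.pathname.split("/").pop() ?? "").replace(/[^A-Za-z0-9._-]/g, "_");
  let ext = (base.match(/\.[A-Za-z0-9]+$/)?.[0] ?? "").toLowerCase();
  // pbs.twimg.com-style URLs often carry the type as ?format=jpg instead of an extension.
  const fmt = u.searchParams.get("format");
  if (!ext && fmt && /^[a-z0-9]{1,5}$/i.test(fmt)) ext = "." + fmt.toLowerCase();
  const dir = IMAGE_EXT.has(ext) ? "imgs" : VIDEO_EXT.has(ext) ? "videos" : null;
  if (!dir) return null; // unknown media type: do not download
  const stem = base.replace(/\.[A-Za-z0-9]+$/, "") || "media";
  // A hash of the full URL keeps two different remote files from colliding on one local name.
  const tag = createHash("sha256").update(raw).digest("hex").slice(0, 12);
  return `${dir}/${stem}_${tag}${ext}`;
}

export interface LocalizeResult { markdown: string; files: Map<string, Uint8Array>; skipped: string[] }

// Rewrite markdown image links to local paths. Returns the bytes to write instead of
// touching disk, so the decision logic is testable without network or filesystem.
export async function localizeMarkdownMedia(md: string, fetcher: Fetcher): Promise<LocalizeResult> {
  const files = new Map<string, Uint8Array>();
  const skipped: string[] = [];
  const re = /!\[([^\]]*)\]\((https?:\/\/[^)\s]+)\)/g;
  let out = md;
  let m: RegExpExecArray | null;
  while ((m = re.exec(md)) !== null) {
    const [whole, alt, url] = m;
    const local = planLocalPath(url);
    if (!local) { skipped.push(url); continue; } // off-allowlist host, non-https or unknown type
    const res = await fetcher(url);
    const wantType = local.startsWith("imgs/") ? "image/" : "video/";
    if (!res.ok || !res.contentType.startsWith(wantType) || res.body.byteLength > MAX_MEDIA_BYTES) {
      skipped.push(url); // status, MIME or size check failed: keep the remote link
      continue;
    }
    files.set(local, res.body);
    out = out.replace(whole, `![${alt}](${local})`);
  }
  return { markdown: out, files, skipped };
}

// Write planned files under root, refusing any path that resolves outside it.
export async function writeLocalizedFiles(root: string, files: Map<string, Uint8Array>): Promise<string[]> {
  const rootAbs = path.resolve(root);
  const written: string[] = [];
  for (const [rel, bytes] of Array.from(files.entries())) {
    const abs = path.resolve(rootAbs, rel);
    if (!abs.startsWith(rootAbs + path.sep)) throw new Error(`refusing to write outside ${rootAbs}: ${rel}`);
    await mkdir(path.dirname(abs), { recursive: true });
    await writeFile(abs, bytes);
    written.push(abs);
  }
  return written;
}
```

The split between planning (pure functions) and writing (one guarded routine) is deliberate: it lets a reviewer test every hostile URL shape against planLocalPath without a network or a scratch directory, and it leaves exactly one place where bytes reach disk, which is the line an auditor needs to confirm is anchored to the output root.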
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 05:24 AM