b2c-marketing
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEDATA_EXFILTRATION
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill directs the agent to communicate with
api.post-bridge.comto upload media and schedule posts. While this is the intended functionality, the domain is not part of the trusted whitelist provided in the safety guidelines. - Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze external social media content, which could be used to influence the agent's behavior.
- Ingestion points: External captions, text overlays, and user comments from TikTok, Instagram, and YouTube (referenced in Phases 2 and 3).
- Boundary markers: Absent; there are no instructions to use delimiters or specify that the agent should ignore instructions embedded within the processed content.
- Capability inventory: The skill has the capability to perform network requests (via Post Bridge API) and manage local files (tracking posts and moving videos).
- Sanitization: No sanitization or validation logic is specified for the data extracted from social media platforms before it is used to generate captions or perform actions.
Audit Metadata