xpoz-social-search
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
mcporterpackage from npm to enable communication with the Xpoz MCP server. - [COMMAND_EXECUTION]: The skill's primary functionality is delivered through the execution of
mcporterCLI commands to perform social media searches and poll for operation results. - [DATA_EXFILTRATION]: Network communication is directed to
mcp.xpoz.ai, which is the official domain for the service vendor (openclaw). The CSV export feature involves polling for URLs to download large datasets, which is consistent with the skill's social listening purpose. - [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection by ingesting untrusted data from social media platforms.
- Ingestion points: Social media posts, user profiles, and subreddit data are retrieved from external sources (SKILL.md).
- Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the provided skill definitions.
- Capability inventory: The tools are restricted to data retrieval and status polling; no dangerous capabilities such as direct file writing or shell execution were identified in the tool definitions.
- Sanitization: There is no evidence of sanitization or filtering of the ingested social media content before it is returned to the agent.
Audit Metadata