twitter-downloader

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The helper script twitter_downloader.sh uses apk add --no-cache to install curl, jq, and python3. This functionality allows the skill to modify the execution environment by installing system-level packages.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to api.fxtwitter.com and api.vxtwitter.com to retrieve tweet metadata. It also uses curl to download media files from various external URLs provided by the API response.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it fetches and processes untrusted text from Twitter/X for summarization.
      • Ingestion points: Tweet text and metadata are fetched from the external fxtwitter API in scripts/twitter_downloader.sh and stored in SUMMARY.txt.
      • Boundary markers: Absent. There are no delimiters or instructions to the agent to treat the tweet content as untrusted or to ignore embedded instructions.
      • Capability inventory: The agent has the ability to read files, write media to the workspace, and invoke vision models on downloaded images.
      • Sanitization: No sanitization or filtering is performed on the tweet text before it is presented to the agent for summarization.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 11:48 AM