instagram-content-benchmark
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a research-focused workflow with clear cost discipline and local data isolation. It correctly uses a hidden sub-folder (
.postplus/instagram-benchmark/) for its internal data and caches, ensuring that only final summaries are placed in the user-facing directory. - [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface because it ingests and processes untrusted data from social media.
- Ingestion points: Instagram usernames, post URLs, Reel URLs, and scraped caption/hashtag data (SKILL.md).
- Boundary markers: The skill does not provide explicit instructions or delimiters to isolate the scraped content from the agent's core logic.
- Capability inventory: The skill is limited to reading, normalizing, and summarizing data; it does not invoke shell commands with external data or perform unauthorized network exfiltration.
- Sanitization: No explicit sanitization or escaping of the scraped Instagram content is described in the workflow.
Audit Metadata