Skills
skills/questnova502/claude-skills-sync/baoyu-post-to-x/Gen Agent Trust Hub

baoyu-post-to-x

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local TypeScript scripts (x-browser.ts, x-video.ts, x-article.ts) using the npx -y bun command to automate browser interactions via Chrome DevTools Protocol (CDP). This is the intended primary function for bypassing anti-automation measures on X.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it processes external Markdown files and user-provided text to generate public posts.
  • Ingestion points: Markdown file paths and positional text arguments in x-article.ts and x-browser.ts.
  • Boundary markers: Absent; there are no specific instructions or delimiters mentioned to prevent the agent from following instructions embedded within the content it is asked to post.
  • Capability inventory: The skill can read local files, control a web browser, and publish content to a public social media platform.
  • Sanitization: No evidence of content sanitization or validation of the input files is provided in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 03:10 PM