The Agent Skills Directory

[COMMAND_EXECUTION]: The host process uses spawn to execute local TypeScript scripts (scripts/post.ts, scripts/like.ts, etc.) via npx tsx. The execution paths are strictly controlled through a mapping in host.ts, which prevents the execution of arbitrary or malicious scripts.
[EXTERNAL_DOWNLOADS]: The skill requires standard Node.js dependencies for its core functionality, specifically playwright for browser automation and dotenv-cli for configuration management. These are well-known packages from the official NPM registry.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with external content from X.
Ingestion points: The skill processes tweet URLs and text content provided by users or retrieved from the platform.
Boundary markers: There are no explicit delimiters or instructions within the provided scripts to prevent the model from obeying instructions embedded in the tweet data it processes.
Capability inventory: The skill possesses the capability to modify the user's social media presence (posting, replying, liking) based on model decisions.
Sanitization: Content is validated for length (280 characters), but there is no semantic filtering to detect or block malicious instructions in the input data.

x-integration