tweet
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill explicitly requires the agent to use the system command
wc -cto verify the character count of generated tweets. This involves passing strings to a shell environment. If the agent does not properly escape the generated content (which is derived from user-provided topics), it could theoretically be exploited for command injection. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data from the user via the
topic or descriptionargument to influence the output. - Ingestion points: User-provided
topic or descriptionargument defined in the YAML frontmatter. - Boundary markers: Absent. The instructions do not use delimiters or specific ignore-instruction warnings for the user input.
- Capability inventory: Shell command execution (
wc). - Sanitization: None. There are no instructions to sanitize or escape the user input before processing or before passing generated content to
wc.
Audit Metadata