twitterapi-io
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the `twitterapi-io-cli` package from the author's repository (github.com/ropl-btc/twitterapi-io-cli). This is the standard installation method for the tool.
- [REMOTE_CODE_EXECUTION]: The recommended installation involves executing code from a remote Git repository via `pipx install`, which allows the agent to run the `twitterapi-io` command-line utility.
- [PROMPT_INJECTION]: The skill ingests untrusted data from Twitter/X, which provides a surface for indirect prompt injection.
  - Ingestion points: Untrusted content enters the agent's context through commands like `tweet`, `user-tweets`, `replies`, and `search` defined in `SKILL.md`.
  - Boundary markers: The instructions do not define specific delimiters or guidelines to help the agent distinguish between external data and system instructions.
  - Capability inventory: While the skill focuses on data retrieval, the ingested content can influence the agent's reasoning and subsequent tool usage.
  - Sanitization: There is no description of content filtering or sanitization of the fetched social media data.