tweet-draft-reviewer
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard bash commands including find and grep to locate and filter tweet drafts within a specified directory. This is a routine and bounded operation for a file-processing utility.
- [PROMPT_INJECTION]: The skill processes text from external markdown files, creating a surface for indirect prompt injection. However, the risk is negligible because the skill lacks dangerous capabilities such as network access or file-writing permissions.
  - Ingestion points: Ingests content from .md files via the folder scan logic in SKILL.md and SKILL-OC.md.
  - Boundary markers: The instructions do not specify delimiters or instructions to ignore embedded commands in the draft content.
  - Capability inventory: Shell access is restricted to find and grep for file discovery; no network or write access is present.
  - Sanitization: No sanitization of ingested file content is performed.
Audit Metadata