x-api
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill ingests untrusted data from an external source (Twitter/X) which creates a standard surface for indirect prompt injection. \n
- Ingestion points:
src/client.py(search_tweets and get_user_info methods). \n - Boundary markers: High. The CLI script
src/twitter.pyusesjson.dumps()to provide structured data boundaries for the agent. \n - Capability inventory: Low. The skill is limited to read-only API interactions and does not possess capabilities for file-system modification, shell execution, or outbound network calls to arbitrary domains. \n
- Sanitization: Not present for tweet text, but risk is mitigated by the lack of exploitable capabilities. \n- Data Exposure & Exfiltration (SAFE): Sensitive API keys are handled via environment variables (
XAPI_IO_API_KEY). The documentation uses placeholders for credentials and no hardcoded secrets or unauthorized data access patterns were identified. \n- Unverifiable Dependencies (SAFE): Therequirements.txtfile specifies well-known, versioned packages from standard registries.
Audit Metadata