instagram-automation
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection due to the handling of external data.
- Ingestion points: Untrusted data enters the agent's context through tools such as
INSTAGRAM_GET_IG_MEDIA_COMMENTS(reading user comments) andINSTAGRAM_GET_IG_USER_MEDIA(retrieving media metadata) as described in SKILL.md. - Boundary markers: The instructions in SKILL.md do not define boundary markers or include directives for the agent to ignore instructions embedded within the retrieved data.
- Capability inventory: The skill includes high-impact capabilities such as
INSTAGRAM_CREATE_POSTandINSTAGRAM_POST_IG_USER_MEDIA_PUBLISHwhich allow for content modification and creation on a public platform. - Sanitization: There is no evidence of content sanitization or validation of the external Instagram data before it is processed or used by the agent.
Audit Metadata