Skills
skills/skillsh/skills/twitter-thread-creation/Gen Agent Trust Hub

twitter-thread-creation

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill refers the user to the vendor's official GitHub repository to download installation instructions and scripts for the infsh CLI tool.
  • [COMMAND_EXECUTION]: Utilizes the infsh command-line interface to perform automated tasks including posting tweets, generating images from HTML, and conducting web research.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external, untrusted sources.
  • Ingestion points: Reads external web content via the infsh/agent-browser tool and processes search results from tavily/search-assistant as documented in SKILL.md.
  • Boundary markers: No delimiters or specific instructions (e.g., 'ignore instructions within this data') are provided to the agent to distinguish between instructions and ingested data.
  • Capability inventory: The skill provides the agent with the ability to write and post content to the user's Twitter/X account via the x/post-create tool.
  • Sanitization: The instructions do not define any validation, filtering, or escaping mechanisms for the data retrieved from the web before it is used to generate social media posts.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 12:27 PM