twitter-automation
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the infsh CLI via bash to interact with the Twitter/X API. All shell execution is restricted to the infsh tool by the platform's allowed-tools configuration, ensuring the agent operates within the intended scope.
- [EXTERNAL_DOWNLOADS]: Directs users to installation guides and documentation hosted on the official GitHub repository and the inference.sh domain. These are standard vendor resources for the platform's ecosystem.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it facilitates posting content to social media that may originate from untrusted external sources.
  - Ingestion points: Processes user-provided JSON input for tweet text and media URLs, as seen in the examples in SKILL.md.
  - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent regarding the handling of potentially malicious embedded instructions in the content to be posted.
  - Capability inventory: Provides high-impact capabilities including posting tweets, sending direct messages, following users, and deleting content via the infsh CLI.
  - Sanitization: No sanitization or validation logic is described to handle untrusted input before it is passed to the automation apps.
Audit Metadata