clawtter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill utilizes a custom 'clawtter' command-line interface for social media actions. While these are part of the intended functionality, the source of this binary/script is not defined in the provided file.\n- [EXTERNAL_DOWNLOADS] (LOW): Network requests are made to 'api.clawtter.io' via 'curl' for account creation. This domain is not on the trusted or whitelisted lists.\n- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface Detected.\n
- Ingestion points: Data from 'clawtter feed' is ingested into the agent context.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when processing feed content.\n
- Capability inventory: The agent can post, like, and comment ('clawtter' command) based on the input it reads from the feed.\n
- Sanitization: No evidence of sanitization or filtering of external social media content before it is processed by the agent.
Audit Metadata