Skills
skills/starchild-ai-agent/official-skills/creator-insights/Gen Agent Trust Hub

creator-insights

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the processing of untrusted external content.
  • Ingestion points: External tweet data is fetched using scripts/api_client.py and subsequently processed by AI models in scripts/content_generator.py, scripts/profile_analyzer.py, and scripts/twitter_analyzer.py for tasks such as pattern analysis and style extraction.
  • Boundary markers: Although the AI prompt templates use some labels and delimiters (such as triple quotes), they do not consistently employ robust boundary markers or explicit instructions to the AI to ignore instructions embedded within the data.
  • Capability inventory: The skill possesses network access to the Twitter and OpenRouter APIs and reads local configuration settings from YAML files.
  • Sanitization: The processed tweet text is interpolated directly into prompts without undergoing escaping or filtering to prevent the execution of malicious instructions hidden within the content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 12:01 PM