Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill follows best practices for secret management by utilizing the TWITTER_API_KEY environment variable. It also includes explicit instructions to the agent to avoid using command execution or file writing tools, reducing the risk of accidental or malicious misuse during data processing.
- [DATA_EXFILTRATION]: Network requests are directed to api.twitterapi.io, which is the legitimate service for the skill's purpose. The implementation does not attempt to access or exfiltrate sensitive local configuration files or credentials.
- [PROMPT_INJECTION]: The instructions contain restrictive guidelines (e.g., hard limits on tool calls and prohibitions on specific tool chaining) that enhance the safety of the agent's behavior and help prevent bypass attempts.
Audit Metadata