Skills
skills/toolshell/skills/twitter-thread-creation/Gen Agent Trust Hub

twitter-thread-creation

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
  • Ingestion points: The skill uses infsh/agent-browser and tavily/search-assistant to ingest data from external, untrusted web sources into the agent's context.
  • Boundary markers: There are no delimiters or 'ignore' instructions provided to the agent to distinguish between valid data and malicious instructions embedded in the retrieved web content.
  • Capability inventory: The skill has the capability to write and publish content to an external platform (Twitter/X) via infsh app run x/post-create.
  • Sanitization: There is no evidence of sanitization or verification of the content retrieved from the internet before it is formatted into social media posts.
  • [COMMAND_EXECUTION]: The skill requires permission to execute shell commands.
  • Permission scope: The allowed-tools metadata specifies Bash(infsh *), which allows the agent to execute any subcommand of the infsh CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 12:08 PM