Social Media Content Extraction
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill is designed to ingest and process untrusted external data from Threads and Instagram posts and replies. This content is then interpolated into Markdown templates for storage in an Obsidian vault. Nested instructions within social media posts could potentially influence the agent's behavior or poison the vault data.
  - Ingestion points: Content retrieved via the `mcp_hyperbrowser_scrape_webpage` tool (SKILL.md).
  - Boundary markers: Absent. There are no instructions to wrap external content in delimiters or ignore embedded commands.
  - Capability inventory: The skill utilizes `mcp_obsidian_create_note` (file write) and `mcp_obsidian_search_vault` (file read), providing a surface for data modification or unauthorized information retrieval if steered by malicious input.
  - Sanitization: Absent. The skill directly maps scraped content variables (e.g., {메인 포스트 내용}) to the output format without filtering or escaping logic.