tweet-thread-from-blog
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for Indirect Prompt Injection. The skill ingests untrusted data from external URLs or pasted text to generate and post content to Twitter/X. Ingestion points: Content is retrieved using tools like WebFetch or Chrome DevTools MCP as specified in SKILL.md. Boundary markers: The skill lacks explicit delimiters to separate user data from instructions. Capability inventory: The agent has read access to the web and write access to Twitter/X via Composio. Sanitization: No automated sanitization of fetched content is defined, though the skill requires manual user confirmation before posting.
Audit Metadata