Skills
skills/vincentchan/ai-content-engine/swipe-file-generator/Gen Agent Trust Hub

swipe-file-generator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill fetches and processes content from arbitrary external URLs and passes this untrusted data to a subagent for analysis. This creates a significant attack surface for indirect prompt injection.
  • Ingestion points: SKILL.md fetches content from user-provided URLs and api.fxtwitter.com (Step 3).
  • Boundary markers: Partial. The skill uses --- Content X --- delimiters when passing content to the subagent, which provides weak protection against adversarial content.
  • Capability inventory: The agent has file write capabilities (/swipe-file/swipe-file.md) and network access via WebFetch.
  • Sanitization: Absent. No filtering or escaping is performed on the fetched content before it is processed by the LLM.
  • Data Exposure & Exfiltration (LOW): The skill performs network requests to non-whitelisted domains, including api.fxtwitter.com. While this is functional for the skill's purpose, it involves sending URL metadata to a third-party service.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 06:34 AM