The Agent Skills Directory

[SAFE]: Authentication is managed via the vm0_secrets configuration, which ensures that the X_ACCESS_TOKEN is injected as an environment variable rather than being hardcoded in the skill source code.
[SAFE]: All network operations are directed to the official X API endpoints at api.x.com, which is a well-known and trusted service for social media interactions.
[COMMAND_EXECUTION]: The skill utilizes shell commands (bash -c, curl, and jq) to perform its tasks. These commands are structured as templates used specifically for authenticated API interaction.
[PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection due to its core function of retrieving untrusted data from a public platform.
Ingestion points: Fetches tweet content, user descriptions, and mentions from the X API via SKILL.md command templates.
Boundary markers: No specific boundary markers or instructions to disregard embedded commands are included in the data retrieval templates.
Capability inventory: The skill possesses network access (curl) and shell execution (bash) capabilities to process external data.
Sanitization: Untrusted content retrieved from the API is returned to the agent context without explicit sanitization or filtering.

x