skills/wlzh/skills/x-fetcher/Gen Agent Trust Hub

x-fetcher

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from an external source (X/Twitter) and interpolates it into Markdown files.
      1. Ingestion points: Tweet content and X Articles via the fxtwitter API.
      2. Boundary markers: The Markdown templates use simple horizontal rules (---), which are insufficient for isolating untrusted data from instructions.
      3. Capability inventory: The skill has file-writing and network access capabilities.
      4. Sanitization: No sanitization of the scraped content was identified in the provided templates or documentation.
    Note that the core logic files scripts/main.py and fetch_x.py were not included for direct analysis.
  • EXTERNAL_DOWNLOADS (LOW): The scripts/quick-start.sh script performs an automated installation of Python dependencies (requests, PyYAML) from the PyPI registry. While these are common libraries, they constitute external unverifiable dependencies.
  • DATA_EXFILTRATION (SAFE): No evidence of sensitive data exposure or unauthorized exfiltration was detected. Network operations are aligned with the skill's stated purpose of fetching public social media data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 09:18 PM