xapi

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the xapi-to CLI tool to perform all operations, requiring the agent to execute shell commands.
  • [EXTERNAL_DOWNLOADS]: The skill leverages npx to fetch and execute the xapi-to package from the NPM registry at runtime. This package is the primary tool provided by the vendor for this skill.
  • [DATA_EXFILTRATION]: API requests, including user inputs and authentication headers, are transmitted to the xapi.to domain and its subdomains. This is the intended purpose of the skill as an API client and targets the vendor's own infrastructure.
  • [PROMPT_INJECTION]: The skill retrieves and processes data from external social media and search platforms, which serves as a surface for indirect prompt injection.
      • Ingestion points: Data retrieved from Twitter, Reddit, Weibo, Douyin, TikTok, and Google Search via the xapi-to tool.
      • Boundary markers: The skill does not provide specific instructions or delimiters to isolate untrusted external content from agent instructions.
      • Capability inventory: The skill can execute shell commands through the xapi-to CLI.
      • Sanitization: No sanitization or filtering of external data is mentioned in the provided guides or instructions.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 28, 2026, 02:08 PM