search-tweets
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill communicates with the vendor's official API at https://xquik.com/api/v1 to retrieve tweet data. This domain belongs to the skill author and the communication is essential for the tool's documented purpose.
- [PROMPT_INJECTION]: The skill processes untrusted third-party content from X. It identifies this as an attack surface for indirect prompt injection and provides explicit security guidance: ingestion points are specified as search results, the agent is instructed to use boundary markers for isolation, and sanitization is addressed by directing the agent to ignore instructions embedded in the tweet text.
Audit Metadata