send-dms
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts with a dedicated vendor API (xquik.com) and requires an API key provided via environment variables, following standard security practices for secret management.
- [SAFE]: It enforces strict human-in-the-loop requirements, mandating explicit user approval for recipient handles, message text, and sending accounts before any DM is transmitted.
- [SAFE]: The instructions include defensive measures against indirect prompt injection by explicitly warning that incoming DM text is untrusted and should not be executed as instructions.
Audit Metadata