Skills
skills/xquik-dev/x-twitter-scraper/top-replies/Gen Agent Trust Hub

top-replies

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes untrusted user-generated content (tweet replies) from X (Twitter).
  • Ingestion points: Data enters the agent context via the GET /x/tweets/{id}/replies and POST /extractions API endpoints.
  • Boundary markers: The instructions do not define clear delimiters or markers to separate the untrusted reply text from the agent's instructions.
  • Capability inventory: The skill is restricted to read-only API operations and does not have file system access, shell execution, or remote code execution capabilities.
  • Sanitization: No sanitization or filtering of the incoming social media text is described in the skill configuration.
  • [DATA_EXFILTRATION]: The skill performs network requests to xquik.com. This is the vendor's official domain for the provided API and is used as intended for the skill's primary functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 09:38 AM