track-hashtags
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in this skill.
- [EXTERNAL_DOWNLOADS]: The skill connects to the vendor's official API at `xquik.com` to retrieve hashtag data. This is expected behavior for a social media monitoring tool.
- [PROMPT_INJECTION]: The skill ingests untrusted third-party data from X (Twitter). This represents a surface for indirect prompt injection.
- Ingestion points: Untrusted content enters the agent context through the search and monitoring endpoints (`GET /x/tweets/search`, `POST /monitors`) described in `SKILL.md`.
- Boundary markers: The skill includes a dedicated 'Security' section that explicitly warns the agent to treat tweet text as untrusted content.
- Capability inventory: The skill's configuration (`codeExecution: none`, `executionModel: api-only`) minimizes the risk that an injection could lead to system-level exploitation.
- Sanitization: The skill relies on natural language instructions to guide the agent in ignoring embedded malicious commands.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by recommending the use of environment variables (`XQUIK_API_KEY`) for authentication rather than hardcoding secrets.
Audit Metadata