update-x-profile
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill interacts with the author's official API at xquik.com to update account profiles. This activity is consistent with the skill's purpose and uses the vendor's verified domain.
- [PROMPT_INJECTION]: The skill manages user-provided strings for profile updates, which is an ingestion surface for indirect prompt injection. Ingestion points: bio, name, location, and website fields. Boundary markers: Not specified. Capability inventory: API-driven modification of external social media profiles. Sanitization: Image validation (HTTPS, JPG/PNG) is present, and text fields are reviewed by the user via a mandatory confirmation step, which mitigates injection risks.
Audit Metadata