Skills
skills/xquik-dev/x-twitter-scraper/who-quoted/Gen Agent Trust Hub

who-quoted

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted text from X (Twitter) quote-tweets.
  • Ingestion points: Data returned from the POST /extractions endpoint at https://xquik.com/api/v1 contains tweet text and metrics from external users.
  • Boundary markers: The skill does not define explicit delimiters or instructions to the agent to ignore executable patterns within the fetched tweet content.
  • Capability inventory: The skill is restricted to api-only execution with codeExecution: none. It does not request file system, subprocess, or shell access.
  • Sanitization: While the skill documentation explicitly labels QT text as 'untrusted', it provides no technical sanitization or filtering logic for the data processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 09:38 AM