Skills
skills/yutakobayashidev/dotnix/social-digest/Gen Agent Trust Hub

social-digest

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external social media platforms, creating a surface for indirect prompt injection where malicious instructions embedded in posts could influence agent behavior.
  • Ingestion points: Social media content is retrieved from Discord and Mastodon APIs in scripts/social-digest.ts, and Twitter data via the FixTweet API in scripts/fxtweet.ts.
  • Boundary markers: The SKILL.md file provides explicit instructions for the agent to treat all fetched content as untrusted data and to ignore any instructions found within that content.
  • Capability inventory: The skill has the capability to write files to the local system (Obsidian vault) and make network requests to social media APIs.
  • Sanitization: The skill uses stripHtml in src/socialDigest.ts to remove HTML tags and flattenRaw in src/renderDaily.ts to replace newlines with delimiters, providing basic structural sanitization for the final Markdown output.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 02:02 AM