Schedule and publish posts to X and Threads from your AI agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent PostStash integration for scheduling and reviewing social posts, but users should understand it can send content to PostStash and publish to Threads or X.

Install only if you are comfortable giving the skill a PostStash API key that can schedule public social posts and read related account posts and analytics. Prefer a scoped or revocable API key if PostStash supports it, and review agent actions before allowing Ready posts that publish immediately or at a scheduled time.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 94% confidence
Finding: The skill declares an environment dependency and clearly interfaces with an external API, but it does not declare permissions corresponding to env and network access. This weakens transparency and policy enforcement because an agent or user may not realize the skill can read secrets and transmit data off-platform.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 91% confidence
Finding: The stated purpose focuses on scheduling posts, but the documented tools also allow listing account posts, fetching post details, and retrieving analytics. This mismatch can mislead users about the skill's actual data access scope, increasing the chance that they authorize broader account inspection than intended.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill description does not warn that using scheduling tools sends user-provided content to the PostStash service and may ultimately publish it to external social media platforms. In an agent setting, this omission is dangerous because users may provide sensitive, draft, or regulated content without understanding that it leaves the local environment and can become publicly visible.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal