x-mastery-mentor
Warn
Audited by Snyk on May 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 在场景E“账号诊断与数据采集”中,Skill会通过 computer-use/浏览器工具打开 https://x.com/{username} 并滚动截图、read_page/DOM提取近100条推文的“文本”等可读内容(外部作者的推文正文),随后将其整理成 tweets_{date}.md/json 并用于生成诊断报告,从而把OUTSIDER文本喂入LLM上下文。
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's Scene E explicitly uses the computer-use tool to open and scrape https://x.com/{username} at runtime (screenshot/scroll/DOM extraction) and then injects that fetched tweet data into the agent's analysis/reporting pipeline, so the external URL is fetched during runtime and directly controls the agent's outputs.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata