twitter-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes public, user-generated Twitter/X content (e.g., SKILL.md "Step 1: Scan Mentions" and the Mention Scanning Pattern that call client.v2.userMentionTimeline / userMentionTimeline and fetch recent mentions via the twitter-api-v2 execute_cli), and the agent is required to read and act on those mentions to draft/post replies or route approvals — meeting the criteria for untrusted third-party content that can influence actions.