twitter-media-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches media from public, user-generated Twitter/X URLs (see SKILL.md "Run the download script with a Twitter/X URL" and scripts/download.py which builds and runs gallery-dl against user-provided X/Twitter URLs) and returns/uses those downloaded files (JSON output and note that it's used by the twitter-to-reel skill), so untrusted third-party content is ingested and can influence downstream actions.