twitter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests user-generated Twitter/X content via twitter-cli (see SKILL.md and references/commands.md, Steps 3–4), and instructs the agent to read, summarize, attribute, and derive sentiment/market signals from those tweets — meaning untrusted third-party content can materially influence actions and thus could enable indirect prompt injection.