twitter-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows it uses the inference.sh CLI to interact with Twitter/X (e.g., "Get Tweet Details", "Get User Profile", and other X API actions) which fetches untrusted, user-generated content from the public web that the agent can read and then use to decide actions like liking, retweeting, DMs, or follows—enabling indirect prompt injection.