twitter-thread-creation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and use web content (e.g., belt app run infsh/agent-browser --input with "url": "https://example.com/pricing" and belt app run tavily/search-assistant to research web statistics), meaning it ingests untrusted/public third‑party pages and uses that content to craft and support thread content.