capture-x-ai-lists

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public, user-generated X/Twitter content from two fixed list URLs (see "Fixed Sources" and the "Open and scan the lists" / "Extract each tweet completely" steps in SKILL.md and references/agent-reach-twitter.md), then reads/expands tweet text, resolves and opens linked Article pages (using Reader and the OpenClaw browser) and GitHub pages, and uses those third‑party contents to decide next actions and produce summaries—creating a clear path for untrusted content to influence tool use and behavior.