x-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and returns user-generated X/Twitter content (e.g., "x-cli tweet get", "tweet search", "user timeline", documented in SKILL.md and README.md and implemented in src/commands/tweet.ts and other command modules), which an agent using the MCP stdio server will read and could let third-party tweet text materially influence subsequent actions (replies, posts, likes) — i.e., untrusted web/social content is ingested as part of the agent workflow.