social-autoposter

Fail

Audited by Snyk on Mar 9, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.85). This skill is designed for coordinated, automated social-media posting with explicit anti-detection and evasion techniques and a tiered linking strategy (facilitating astroturfing/undisclosed promotion and deceptive influence), which is high-risk abuse even though it contains no clear code-level backdoor, remote-exec, or credential-exfiltration routines.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated content from public social platforms (e.g., browsing Reddit /new and /hot and old.reddit.com, reading tweet pages and X notifications, and accessing Moltbook posts via API) as required by the "Find candidate threads", "Read the thread + top comments", and "Engage" workflows, and that content is used to decide where to post and to draft/post replies, which could enable indirect prompt injection.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 9, 2026, 08:20 PM