skills/nirholas/xactions/timeline-viewing/Snyk

timeline-viewing

Warn

Audited by Snyk on Apr 15, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs running scripts on x.com/home to scrape and collect user-generated X (Twitter) timeline posts, so the agent ingests untrusted third-party content that could materially influence its actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 15, 2026, 01:43 PM

Issues

1

Security Audit — snyk — timeline-viewing