twitter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill autonomously fetches and ingests user-generated tweets from the open web via the X API and the bird CLI (see x-search/lib/api.ts and x-search/x-search.ts and SKILL.md), and even passes fetched bookmarks/tweets into Smaug/Claude for AI categorization and synthesis, so untrusted third‑party content is read and can materially influence agent decisions.