twitter-collector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and README explicitly instruct the agent to navigate and scrape Twitter/X search pages (e.g., https://x.com/search?q=...) using Playwright and to extract tweet content via selectors like article[data-testid="tweet"], then filter/score and act on those user-generated results (and pass them to a third‑party filter page), so untrusted third‑party content is read and can materially influence tool decisions.