social-inbox
Warn
Audited by Snyk on Mar 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's main script (social-inbox.mjs) explicitly calls twitter-api.py to fetch public X/Twitter mentions and brand search results (also described in SKILL.md/README), parses and scores those user-generated posts, and uses them to drive prioritization and reply-drafting decisions, so untrusted third-party content can influence agent behavior.
Audit Metadata