opentwitter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly fetches user-generated Twitter/X content from third-party endpoints (e.g., https://ai.6551.io/open/twitter_search, twitter_user_tweets and the real-time wss://ai.6551.io/open/twitter_wss feed) and requires the agent to read and act on that content (including compliance gating that changes whether results are displayed), so untrusted third‑party content can materially influence agent behavior.