opentwitter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows it fetches public, user-generated Twitter/X content via the ai.6551.io endpoints (e.g., /open/twitter_user_tweets, /open/twitter_search, /open/twitter_user_info), which the agent is expected to read and could materially influence actions, so untrusted third‑party content can inject instructions.