x-tweet-fetcher

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Most URLs are mainstream content sites (X, Weibo, Bilibili, CSDN, WeChat) and not direct download links, but the skill explicitly instructs installing/running a third‑party anti‑detection browser (camoufox.com, openclaw plugin, jo-inc/camofox-browser) and pulling code from GitHub — downloading/running unknown binaries, npm packages or GitHub releases and running local services on localhost:9377 are common malware distribution vectors and should be treated as potentially dangerous.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill (see SKILL.md/README and the code in scripts/fetch_tweet.py, scripts/fetch_china.py and scripts/camofox_client.py) directly fetches and parses open, user‑generated content from third‑party websites and search results (X/Nitter, Weibo, Bilibili, WeChat, Xiaohongshu, Google/DuckDuckGo via Camofox or direct HTTP) and the agent is expected to read and act on that data (monitoring, profile analysis, search-driven workflows), so untrusted content could materially influence tool decisions and enable indirect prompt injection.