x-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's host and scripts explicitly drive Playwright to load and interact with public X (Twitter) pages (e.g., lib/browser.ts navigateToTweet, scripts/like.ts, scripts/reply.ts, scripts/post.ts) and read DOM/tweet content (user-generated) to decide actions like clicking like/retweet or reporting status, so it ingests untrusted third‑party content that can influence tool behavior.