x-twitter-scraper

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and requires embedding the API key directly in MCP configuration and request headers (e.g., "x-api-key": "xq_YOUR_KEY_HERE" and API_KEY = "..."), which means an agent would need to accept and place a secret value verbatim into generated code/commands—an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to fetch and process user-generated content from X/Twitter (e.g., Search Tweets endpoint GET /x/tweets/search, bulk extraction tools like reply_extractor, post_extractor, community_post_extractor, and real-time monitoring/webhooks), so the agent ingests untrusted public social-media content that can materially influence actions (e.g., giveaway draws, monitors, extraction-driven decisions).