canghe-post-to-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly ingests untrusted public content: scripts/md-to-html.ts downloads remote images from arbitrary URLs found in Markdown, and scripts like x-quote.ts / x-article.ts navigate to and interact with X (Twitter) pages (see references/articles.md and SKILL.md), and that fetched/user-generated content is parsed and used to drive automated DOM actions (clicks, paste/upload), so external content can materially influence tool actions.