twitter-automation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). The URLs point to a non-standard third‑party domain and the skill explicitly instructs running a remote installer via "curl ... | sh" (cli.inference.sh), a high‑risk pattern that can deliver arbitrary/malicious code or executables from hosted files.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes apps like x/post-get and x/user-get which retrieve tweets and user profiles from X.com (public, user-generated social media content), so the agent will ingest untrusted third‑party content that could contain indirect prompt injections.