baoyu-danger-x-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses user-generated content from public X/Twitter (e.g., scripts/http.ts and scripts/graphql.ts call https://x.com and i/api/graphql endpoints, and scripts/main.ts accepts x.com/twitter.com URLs) and uses that content to drive parsing, formatting, media downloads, and further fetches, so untrusted third-party content can influence tool actions.