baoyu-danger-x-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill fetches and parses public, user-provided X/Twitter content (tweets and articles) from x.com/twitter.com—see scripts/main.ts for user-supplied URLs and scripts/graphql.ts / scripts/http.ts (fetchXTweet, fetchXArticle, fetchText/fetchHomeHtml) which download and interpret that untrusted, user-generated third‑party content—so it exposes the agent to indirect prompt injection risk.