x-composer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly navigates to and interacts with the public X.com compose page (https://x.com/compose/post) using Playwright/CDP—taking snapshots, locating DOM elements, and reading page state—so it clearly ingests untrusted, user-generated third‑party content as part of its runtime workflow, which could allow indirect prompt-injection to influence actions.