bird

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly instructs using flags like --auth-token and --ct0 to pass cookie/auth tokens directly (i.e., embedding secrets in CLI commands), which would require the LLM to handle and potentially output secret values verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows commands like "bird read ", "bird thread", "bird search", "bird home", and other timeline/listing commands that fetch and display public X/Twitter posts (user-generated, untrusted third-party content) which the agent consumes as part of its workflow and can influence follow-up engagement actions (replies, tweets, follows).