x-tweet-fetcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Flagged: SKILL.md and the implementation (x_tweet_fetcher.py
• fetch_tweet_by_url / fetch_user_tweets, scripts/fetch.py, fetch_direct.py) explicitly fetch and parse arbitrary public X (Twitter) URLs and user timelines, ingesting untrusted user-generated content that the assistant reads/returns, which could carry instructions that influence subsequent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). Flagged: the prompt explicitly instructs running privileged system commands (e.g., "sudo apt install ...") to install system dependencies, which requests sudo and changes the machine state even though it doesn't create users or modify system service files.