twitter-x

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). The URLs point to an unknown third‑party domain and explicitly instruct piping remote .sh scripts to bash (and to install a local credential manager), which is a common and high‑risk vector for malware or credential theft.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill’s workflow explicitly automates a browser on twitter.com and instructs the agent to “Navigate to Notifications > Mentions” and “Review recent mentions” (SKILL.md Usage Examples and Authentication Flow), meaning it fetches and reads untrusted, user-generated Twitter/X content that can influence replies and subsequent actions.