twitter-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to run commands like "twitter search", "twitter feed", and "twitter tweet" which fetch public, user-generated content from twitter.com/X and directs agents to parse the CLI's --json output programmatically, so untrusted third-party tweets could be read and materially influence subsequent tool use or decisions.