res-x

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Most entries are ordinary X/Twitter content URLs (low risk), but the explicit instruction to fetch and run https://astral.sh/uv/install.sh (curl … | sh) is a high‑risk direct shell script/executable distribution vector from an unverified domain and thus makes the set suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and ingests public X/Twitter posts and external web content (see SKILL.md "Fetch X/Twitter tweet content by URL" and scripts/x_fetch.py where call_xai_responses is invoked with tools [{"type":"x_search"}] and [{"type":"web_search"}] and prompts instruct searching blogs/Reddit/Hacker News), so untrusted user-generated content is read and returned as part of the runtime workflow and could influence later decisions.