search-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls xAI's Responses API (/v1/responses) with the x_search tool (see scripts/search.js and SKILL.md/README) to fetch real-time tweets from X/Twitter—untrusted, user-generated content that the agent ingests and returns as part of its workflow and thus can influence subsequent responses or actions.