bird

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt exposes CLI flags (--auth-token, --ct0) that explicitly require passing cookie/auth tokens on the command line, meaning an agent could be asked to insert secret cookie values verbatim into commands or outputs (high exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and ingests user-generated content from X/Twitter (tweets, searches, threads, bookmarks, likes, news/trending, user timelines) via X’s public web GraphQL endpoints, exposing the agent to untrusted third-party content.