algorithm-cultivation

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). High risk: the content explicitly describes a 24/7 headless-browsing, LLM-driven system that creates fake personas, automates mass follows/likes/replies, and includes "stealth"/"detection avoidance" techniques to manipulate X/Twitter recommendation signals — clearly intended to perform astroturfing/influence operations; it asks for and persists auth tokens (session cookie) and API keys (LLM) which increases abuse potential, though no explicit hidden backdoor, remote exec, or exfiltration code is present in the excerpts.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's browser automation (e.g., src/automation/algorithmBuilder.js, src/automation/algorithmTrainer.js, scripts/thoughtLeaderCultivator.js and the SKILL.md) explicitly navigates x.com, searches top/latest tweets, visits profiles and feeds public tweets (user-generated content) and feeds that content into LLM-driven comment/post generation and action decisions, exposing the agent to untrusted third-party content that could inject instructions.