articles-longform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly reads and repurposes public, user-generated tweets from x.com/USERNAME (via src/tweetPerformance.js and src/contentRepurposer.js) to generate outlines and drive publishing actions on x.com/compose/article, exposing the agent to untrusted third-party content that can influence its actions.