bookmarks-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs loading and scraping user-generated content from x.com/i/bookmarks (see scripts/scrapeBookmarks.js, src/bookmarkOrganizer.js, src/clearAllBookmarks.js), and that untrusted tweet content is parsed and used to drive categorization and deletion actions, so third-party content can materially influence behavior.