content-repurposing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly scrapes and ingests public, user-generated tweets from x.com/USERNAME (see SKILL.md: XActions.scan(), MCP workflow steps calling x_get_tweets and x_get_profile) and then uses those tweets to rank content and drive repurposing/actions, so untrusted third‑party content could influence agent behavior.