engagement-interaction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Puppeteer flows explicitly navigate to and scrape public X/Twitter pages (e.g., autoLikeByKeyword on https://x.com/home, replyToTweet/getEngagementAnalytics on tweet URLs, and unlikeAll on x.com/YOUR_USERNAME/likes) and read user-generated tweet content to decide actions like liking, replying, hiding replies, or unliking, so untrusted third-party content directly influences tool behavior.