larry-experiments

Fail

Audited by Snyk on Feb 22, 2026

Risk Level: HIGH

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs using the Bird CLI to read/search tweets and mentions on X (public, user-generated content) for research and engagement, so the agent ingests untrusted third‑party posts that can influence posting and reply decisions.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). Found a literal, random-looking integration token: "cmldj0s1202ddom0y2fugxsxb" (used as the Postiz integration id). This is high-entropy/alphanumeric, not a placeholder or example, and is presented as a specific credential for an API integration — so it meets the definition of a secret. No other high-entropy keys or private keys are present; other values (URLs, community id, simple example strings) are non-sensitive or placeholders.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 22, 2026, 01:50 AM