search-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and returns public, user-generated tweets from X/Twitter (via xAI's /v1/responses x_search tool or X's /2/tweets/search/recent), as shown in SKILL.md and implemented in scripts/search.js (searchXGrok/searchXNative), so the agent ingests and presents untrusted third-party content that could contain instructions and thus enable indirect prompt injection.