xint

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests untrusted, user-generated content — SKILL.md and lib/api.ts show it pulls tweets from X/Twitter and lib/article.ts (and the "Article" section in SKILL.md) fetches/arbitrarily reads external URLs via xAI's web_search, and the workflow instructs agents to read and analyze those results to drive follow-up searches, analyses, and actions, so third-party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The README explicitly instructs agents to fetch and install the skill at runtime (e.g., "git clone https://github.com/0xNyk/xint.git" and the installer "curl -fsSL https://raw.githubusercontent.com/0xNyk/xint/main/install.sh | bash"), which will retrieve repository content (including SKILL.md that defines agent instructions) and can execute remote installer code — meaning those URLs can directly control agent prompts or run code at runtime.