x-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime scripts (lib/browser.ts's navigateToTweet and the scripts/*.ts such as like.ts, reply.ts, post.ts) explicitly navigate to and interact with arbitrary X/twitter pages (x.com/twitter.com) supplied via tweet URLs, so it fetches untrusted, user-generated third‑party content that directly influences automated actions and control flow as described in SKILL.md and the scripts.