twitter-hand-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests untrusted, user-generated content via web_search and Twitter API calls (see SKILL.md Phase 2 "web_search" and the curl examples for "tweets/search/recent" and Phase 5 "mentions") and then reads and acts on that content to shape generated tweets, posting decisions, auto-replies, and likes, creating a clear avenue for indirect prompt injection from arbitrary public tweets and webpages.