x-research
Warn
Audited by Snyk on Feb 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests user-generated tweets and linked external pages from X/Twitter via the X API (see the SKILL.md research loop and references/x-api.md), using the X API wrapper in lib/api.ts and the x-search.ts commands (search/thread/profile). Those tweets and linked pages are read and used to drive follow-up queries, thread-following, web_fetch deep-dives, and synthesis, which allows third-party content to materially influence agent actions.