baoyu-post-to-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and processes open web content: scripts/x-quote.ts navigates to arbitrary tweet URLs supplied by the user, and scripts/md-to-html.ts downloads remote images over http(s) referenced in Markdown and then uses them when composing/pasting articles, so the agent ingests untrusted third‑party content as part of its workflow.