scrapesocial-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly instructs the agent to fetch and ingest public X (Twitter) content via the Scrape Creators API (e.g., "x posts get --url 'https://x.com/ACCOUNT/status/POST_ID'" and "x communities posts --url 'https://x.com/i/communities/COMMUNITY_ID'"), meaning untrusted, user-generated third-party posts are read and used to drive analysis and next actions, which could enable indirect prompt injection.