baoyu-post-to-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts (notably scripts/x-quote.ts) accept and load arbitrary X/Twitter status URLs using a real Chrome browser, causing the agent to fetch and read untrusted, user-generated content from the open web (public tweets) as part of its workflow.