twitter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches user-generated Twitter/X content from the public twitterapi.io API (see SKILL.md "Read-only access to Twitter/X via twitterapi.io" and client.py's TwitterApiClient endpoints like /twitter/tweet/advanced_search and /twitter/tweet/replies), and the tools in tools.py return that third-party content for the agent to read and act on, which could enable indirect prompt injection.