x-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and scripts/x_search.sh explicitly call xAI's Grok API to search and ingest real-time X/Twitter posts (public, user-generated content) and instruct the agent to parse that output and include the posts' citations in its analysis, meaning untrusted third-party content is read and can materially influence agent behavior.