x-helper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches live, user-generated Twitter/X content from third-party APIs (api.fxtwitter.com and api.vxtwitter.com) as required by SKILL.md and scripts/x_helper.py, and the agent must read and use that content to answer queries, so untrusted web content could indirectly inject instructions.