x-article-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly navigates to and snapshots the public X Articles editor (browser_navigate: https://x.com/compose/articles and use of browser_snapshot/browser_snapshot-derived DOM to find editor blocks), meaning it reads and interprets user-generated content from the public X site and thus can ingest untrusted third-party content.