tuzi-post-to-x

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to and interacts with arbitrary public X (Twitter) pages/tweet URLs (scripts/x-quote.ts, x-browser.ts) and md-to-html.ts downloads remote images from HTTP(S) URLs referenced in user markdown, so it ingests untrusted, user-generated web content and uses that content/DOM state to drive actions (clicks, pastes, publishes).