bird

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). It tells users/agents to pass cookie/auth tokens directly via --auth-token / --ct0 (or copy cookies), which requires embedding secret values verbatim in commands or outputs and thus is an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and reads public, user-generated content from X/Twitter (see SKILL.md sections "Reading Tweets", "Timelines", and "Search") and also allows engagement actions (tweet/reply/follow), so untrusted third-party posts are ingested and can materially influence the agent's tool usage.