x-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill actively fetches and ingests public, user-generated content from X/Twitter via Composio (see lib/api.ts -> composioExec("TWITTER_RECENT_SEARCH") and x-search.ts commands), then formats and displays those tweets/linked URLs (lib/format.ts and CLI outputs), exposing the agent to untrusted third-party content that could carry indirect prompt-injection.