monitor-accounts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly polls public X (Twitter) accounts via the xquik API (e.g., GET /events?monitor_id=...) and surfaces monitored tweet text (user-generated, untrusted) as part of its runtime workflow (with optional webhook firing), so third-party content can influence subsequent actions.