search-tweets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches public, user-generated tweets via the xquik API endpoints (e.g., GET /x/tweets/search and POST /extractions at https://xquik.com/api/v1) and returns tweet text/authors as part of its workflow (SKILL.md), which is untrusted third‑party content that the agent will read and could indirectly inject instructions.