track-hashtags

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated tweets from the X API (e.g., GET /x/tweets/search and POST /monitors at https://xquik.com/api/v1) as part of its required one-shot and continuous monitoring workflows, so scraped tweet content — which is untrusted — is read by the agent and can materially influence actions, enabling indirect prompt injection.