track-mentions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly fetches and monitors tweets from a public X/Twitter source via the xquik.com API (e.g., GET /x/tweets/search and POST /monitors), which are untrusted, user-generated third‑party contents that the agent is expected to read/interpret (see "Quick reference" and "Typical flow"), so those mentions could carry instructions that influence the agent's decisions.