baoyu-danger-x-to-markdown

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill fetches and parses arbitrary, user-provided X/Twitter URLs (see scripts/main.ts and scripts/tweet-to-markdown.ts) and performs network requests against https://x.com and its reverse-engineered i/api/graphql endpoints (see scripts/http.ts and scripts/graphql.ts). As a result, untrusted, user-generated third-party content is ingested into the agent's workflow.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 03:19 AM