bird

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and references/commands.md explicitly instruct the agent to fetch and parse tweets, timelines, searches, mentions, bookmarks, and other Twitter/X content (e.g., bunx bird read/search/home/mentions/bookmarks with --json), which are untrusted, user-generated third‑party sources that the agent is expected to read and that can materially influence follow-up actions like replies, posts, follows, or automated processing.