Missed the initial request, sorry about that.
Yes I understand that I should only target bad actor, but that's possible only with the help of the community.
The goal with (throttled) auto-replies to shortened links is that when there is a phishing campaign going on, some of the phisher spam comments will get my reply with the preview of the domain. That will increase the chances that someone will notice "hey, that link preview says h1vesigner.com.. better report it with the !phishing command".
Thank you for your report but I was not able to process it: LINK MISSING.
Expected format: "@keys-defender !command https://somelink.com"
Ok. I think there's something not working with your throttling, then, because I'd gotten it on 3/5 of the posts where I used a shortened link.
Will double check, from memory it's higher for comments since that's where the phishing spam usually occurs
Makes sense. These were all on posts, though.