social-media-scout

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses public, user-generated social media content (e.g., scripts/tikhub_client.py functions wechat_mp_get_article_detail/wechat_mp_get_articles_by_name and the SKILL.md/README which instruct calling TikHub REST endpoints to retrieve posts, comments and article content from open platforms like mp.weixin.qq.com, Bilibili, TikTok, etc.), so untrusted third‑party content is ingested and used by the agent as part of its workflow and could influence subsequent actions.