douyin-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill autonomously navigates and interacts with the public Douyin creator website (e.g., https://creator.douyin.com/... in Step 1–6), taking snapshots, evaluating DOM text, reading popups/descriptions and using those page contents to decide clicks, retries, or to stop — so it consumes untrusted, user-generated web content that can materially influence actions.