reddit-ads
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill fetches runtime performance data and ad creatives from the public Reddit Ads API (https://ads-api.reddit.com), including user-provided ad headlines/bodies and subreddit targeting, and feeds that untrusted third-party content into an LLM for analysis and automated actions, creating a path for indirect prompt injection.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly integrates with the Reddit Ads API and includes endpoints and client methods that create and modify campaigns and ad groups with budget fields (e.g., budget_total_amount_micros). Examples in the prompt show campaigns being created with daily/lifetime budgets, and the optimizer service programmatically updating ad group budgets (client.updateAdGroup with budget_total_amount_micros), scaling budgets, and reallocating budget from paused ads to winners. These are direct programmatic controls over ad spend (financial budget manipulation) using authenticated API tokens, so the skill provides direct financial execution capability for managing ad budgets.