douyin-batch-download

Warn

Audited by Snyk on Mar 2, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill ingests public, user-generated Douyin content: for example, download-v2.py uses the F2 API to fetch aweme_list from douyin.com, and extract-metadata.py and manage-following.py use Playwright to visit https://www.douyin.com/user/{...} and parse API/page responses. The fetched pages and data are parsed and used to drive downloads, database updates, and follow-up actions, so untrusted third-party content can materially influence runtime behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 11:41 AM