creator-scraper-cv

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and processes public user-generated social media data via the Creativault API (e.g., search_creators.mjs calling /openapi/v1/creators/{platform}/search and submit_collection_task.mjs accepting LINK_BATCH values like https://www.tiktok.com/@creator1 as shown in SKILL.md and the scripts), and those results are read and used by the agent to decide actions (search vs collection, polling, exporting), so untrusted third-party content can materially influence tool use.