creatok-analyze-video

Warn

Audited by Snyk on Mar 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill accepts a TikTok URL and posts it to CreatOK's open analyze endpoint (/api/open/skills/analyze). It then reads the returned transcript and vision data from outputs/result.json (transcript/transcript.json, vision/vision.json) and uses them as the basis for its analysis and follow-up generation. This exposes the agent to untrusted, user-generated third-party content that can influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime calls to the CreatOK Open Skills endpoint (https://www.creatok.ai/api/open/skills/analyze) and writes the returned response.content and suggestions into outputs/result.json. The agent then ingests that file to drive its analysis, so remote content can directly control the agent's prompts and behavior.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 11:01 AM
Issues: 2