tiktok-shop-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill’s SKILL.md and task files explicitly require calling the public TikTok Shop API (https://open-api.tiktokglobalshop.com) and handling webhook events (handleTikTokShopWebhook) that ingest untrusted, user-generated order/product/creator content from TikTok and then drive actions (order syncs, inventory updates, product status handling), so third-party content is read and can materially change behavior.