meta-ad-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly constructs Meta Ad Library URLs and calls the Apify Facebook Ads Scraper (see SKILL.md "How It Works" step 2 and scripts/search_meta_ads.py run_apify_actor), fetching and parsing public ad creatives and text from Meta's Ad Library (untrusted, user-generated content) as part of its normal workflow, which could allow instructions embedded in those third-party ads to influence downstream decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill invokes the Apify API at runtime (e.g. https://api.apify.com/v2/acts/apify~facebook-ads-scraper/runs), which starts a remote Apify actor (executes remote code) and is required for the scraper to function, so this is a runtime external dependency that executes remote code.