instagram-hikerapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public, user-generated Instagram content via HikerAPI (api.instagrapi.com) and downloads media via Cobalt (see SKILL.md and scripts/analyze.sh / scripts/download.sh), and the agent reads and acts on that content (selecting top reels, triggering downloads/transcriptions and watchlist scans), so untrusted third-party content can materially influence its actions.