douyin-video-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly opens arbitrary Douyin video/share URLs (SKILL.md "默认流程" and scripts/fetch_douyin_video.py), uses Playwright to capture the public /aweme/v1/web/aweme/detail/ JSON from those pages, and then trusts that data to choose play/download URLs and subsequent actions, so untrusted user-generated third‑party content can directly influence tool behavior.