creator-scraper-cv

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls the Creativault API to fetch and collect public, user-generated content from social platforms (TikTok/YouTube/Instagram) as shown in SKILL.md and scripts like search_creators.mjs and submit_collection_task.mjs, and that returned content is read and used to drive follow-up actions (deciding collection/export/polling), so untrusted third-party content can influence agent behavior.