pinterest-ads
Warn
Audited by Snyk on May 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly retrieves external Pinterest data via tools such as pinterest_ads_list_ads, pinterest_ads_list_audiences, and pinterest_ads_list_campaigns (see Phase 2: Account Assessment and "Get the destination URL and creative assets (Pin IDs)"). This ingests user-generated, third-party Pinterest content that the agent must read and that can materially influence subsequent API calls and actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed to manage Pinterest ad campaigns including creation and updates of campaign/ad-group budgets and bids. The tool surface and examples show direct parameters for daily_spend_cap, lifetime_spend_cap, budget_in_micro_currency, bid_in_micro_currency, and update operations (pinterest_ads_create_campaign, pinterest_ads_create_ad_group, pinterest_ads_create_ad, pinterest_ads_update_campaign, etc.). It also enforces microcurrency rules and includes instructions for activating campaigns (status ACTIVE/PAUSED). Because it exposes APIs to set and change ad spend and bidding (i.e., directly control spend), it provides direct financial execution capability for managing ad budgets.
Audit Metadata