instagram-creator-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs hosted collection actors and scrapers (e.g., instagram-search-scraper, instagram-post-scraper, instagram-hashtag-scraper, instagram-comment-scraper) to fetch public Instagram posts, Reels, hashtags and comments (user-generated content) as part of the content-first discovery workflow in SKILL.md and actor-selection.md, and that untrusted content is then read/normalized and used to extract candidates and drive ranking/next actions, creating a clear indirect prompt-injection surface.