instagram-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill launches hosted collection and scraping workflows that ingest public, user-generated Instagram content (see SKILL.md "hosted profile run"/"hosted post run" and scripts like scripts/build_instagram_actor_input.mjs which builds Instagram URLs and _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs which downloads arbitrary sourceUrl entries), and those third‑party posts/comments are parsed and used for normalization, clustering, ranking, and watchlist construction—so untrusted web content is read and can materially influence subsequent actions.