social-media-extractor
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md is explicitly for "cross-platform public social data extraction" (collecting public TikTok/Instagram/X/YouTube/Facebook data) and the repo includes runtime code that fetches external, user-generated content (e.g., _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs uses item.sourceUrl to download arbitrary public video URLs and network_runtime.mjs provides requestText/requestJson/requestBytes), which shows the agent will ingest untrusted third‑party social media content as part of its workflow.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime network calls to the PostPlus Cloud endpoints (e.g.,
${config.apiBaseUrl}/api/postplus-cli/hosted/capabilityand${auth.apiBaseUrl}/api/postplus-cli/auth/refresh), which are required at runtime and invoke hosted capabilities (i.e., execute remote/server-side code) affecting agent execution flow.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata