social-media-extractor

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md is explicitly for "cross-platform public social data extraction" (collecting public TikTok/Instagram/X/YouTube/Facebook data) and the repo includes runtime code that fetches external, user-generated content (e.g., _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs uses item.sourceUrl to download arbitrary public video URLs and network_runtime.mjs provides requestText/requestJson/requestBytes), which shows the agent will ingest untrusted third‑party social media content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime network calls to the PostPlus Cloud endpoints (e.g., ${config.apiBaseUrl}/api/postplus-cli/hosted/capability and ${auth.apiBaseUrl}/api/postplus-cli/auth/refresh), which are required at runtime and invoke hosted capabilities (i.e., execute remote/server-side code) affecting agent execution flow.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 20, 2026, 02:13 AM
Issues
2
Security Audit — snyk — social-media-extractor