tiktok-ad-research
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly runs hosted collection actors (e.g., collection_actor_run.mjs with --collection-key tiktok-videos, tiktok-comments, or tiktok-creative-center-top-ads) to fetch public TikTok posts, comments and Creative Center ad data which the normalize_.mjs and analyze_.mjs scripts ingest and use to drive analysis and recommendations, so untrusted user-generated third‑party content is read and can materially influence agent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata