tiktok-ad-research

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly runs hosted collection actors (e.g., collection_actor_run.mjs with --collection-key tiktok-videos, tiktok-comments, or tiktok-creative-center-top-ads) to fetch public TikTok posts, comments and Creative Center ad data which the normalize_.mjs and analyze_.mjs scripts ingest and use to drive analysis and recommendations, so untrusted user-generated third‑party content is read and can materially influence agent actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 20, 2026, 08:48 PM
Issues
1
Security Audit — snyk — tiktok-ad-research