douyin-rank-tranker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's fetch_rank.py explicitly calls the public API https://onetotenvip.com/story/dyData/query (see scripts/fetch_rank.py and references/api_docs.md) and ingests its JSON (account names, links, scores) into dialogue outputs and generated HTML reports that the agent uses to decide next actions (report generation, subscriptions), so untrusted third‑party content can directly influence behavior.