yt-dlp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's primary workflow (scripts/download.sh and the SKILL.md usage examples) requires passing arbitrary public URLs (e.g., YouTube/playlist/channel links) to yt-dlp so the agent will fetch and ingest untrusted, user-generated web content (video pages, metadata, subtitles) as part of its operation, which could indirectly influence subsequent actions.