youtube-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill (scripts/download.py) takes arbitrary YouTube URLs and uses yt_dlp.extract_info and ydl.download to fetch video metadata and media from YouTube (a public, user-generated third-party site), which the agent would read/display as part of its workflow and could therefore enable indirect prompt injection.