yt-dlp-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads content from arbitrary public video and social sites (e.g., YouTube, Bilibili, Twitter/X, Reddit, etc.) using yt-dlp—including metadata and subtitles (see SKILL.md and scripts/download.sh where user-provided URLs are passed to yt-dlp)—so it ingests untrusted, user-generated third-party content that could carry embedded instructions.