universal-media-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts (scripts/download_media.py and scripts/download_douyin_note.py) and SKILL.md show the system fetches and parses open/public user-generated pages (YouTube/B站/抖音/podcast pages and arbitrary URLs) and explicitly returns/parses remote-derived metadata (e.g., yt-dlp-derived title -> saved filename via SAVED_FILEPATH) that the AI is expected to read/use, so untrusted third-party content can influence subsequent agent decisions and tool use.