youtube-download

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses public third-party content (video metadata and subtitles) from open sites using commands like uvx yt-dlp --cookies-from-browser chrome -j "$VIDEO_URL" and then dynamically uses that untrusted, user-generated data (titles, subtitle languages, captions) in its workflow (e.g., generating subtitle language options and building download commands), which could allow indirect prompt-injection via fetched content.