simple-video-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs running yt-dlp against arbitrary public URLs (see SKILL.md "Get info: Run yt-dlp -j <URL>") and the usage guide names sites like YouTube, Bilibili, Twitter, etc., meaning the agent ingests untrusted third‑party metadata/subtitles/content that can materially influence command construction and subsequent actions.