stream-clipper

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 0.90). Yes: the prompt explicitly instructs generating misleading titles (e.g., "去掉上下文,制造误解", i.e. "remove the context, create misunderstanding"), which is a deceptive instruction that contradicts the skill's stated non-clickbait, content-faithful purpose.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill downloads and processes content from public third-party sources (e.g., scripts/download_stream.py, including its download_bilibili_danmaku routine, fetches videos/subtitles from YouTube/Bilibili and danmaku from Bilibili), then extracts or transcribes subtitles (scripts/extract_subtitles.py) and analyzes danmaku/subtitle text (scripts/analyze_danmaku.py, scripts/analyze_semantic.py) to generate titles and clips. It therefore ingests and interprets untrusted user-generated web content.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 12:56 PM