youtube-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill uses yt-dlp to fetch and parse content from arbitrary public YouTube URLs (see get_video_info which runs "yt-dlp --dump-json", the transcript command which downloads and reads .srt/.vtt subtitle files, and the playlist command which dumps playlist JSON), so it clearly ingests untrusted, user-generated third‑party content.