ljg-x-download

Warn

Audited by Snyk on Mar 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md (执行流程 [execution flow], steps 1–3) explicitly fetches and parses arbitrary public X/Twitter posts (using yt-dlp --dump-json and curl against pbs.twimg.com media URLs). These posts are untrusted, user-generated third-party content, and the skill reads and interprets them to decide downloads and follow-up actions (e.g., choosing download vs. report/login flow).


Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 22, 2026, 07:58 AM
Issues: 1