podcast-download

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's main script (scripts/download.py) explicitly fetches and parses public third-party content—Apple Podcasts pages and the iTunes lookup API (get_apple_podcast_rss_feed, get_episode_title_from_apple_page, parse_rss_feed_for_episode) and 小宇宙 episode pages (parse_xiaoyuzhou_episode/extract_json_from_html)—and uses that untrusted content to determine episode selection, audio URLs and filenames which directly drive download actions.