yt-dlp-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts arbitrary public video URLs (YouTube, Bilibili, Twitter/X, TikTok, etc.) and runs yt-dlp (see SKILL.md and scripts/download.sh which eval the constructed command and support --write-subs and format listing), causing the agent to fetch and consume untrusted, user-generated web content and metadata from those third‑party sites.