bilibili-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses user-generated content from Bilibili (e.g., "bili video BV1xxx -c" for comments, "bili feed", "bili favorites", "bili my-dynamics") and recommends --yaml for agent consumption, meaning untrusted third-party content is read and can influence subsequent agent actions (likes, posts, unfollows), enabling indirect prompt injection.