yt-dlp-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly instructs the agent to fetch and download content from arbitrary public URLs (YouTube, Bilibili, Twitter, etc.) using yt-dlp (including listing formats with -F and executing network-enabled shell commands), meaning untrusted, user-generated third-party content is ingested and its metadata/output can influence subsequent tool actions.