yt-dlp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill (scripts/download.sh and the included references/guide.md) calls yt-dlp on arbitrary user-supplied URLs (e.g., YouTube and "thousands of other sites") and explicitly downloads/embeds subtitles, thumbnails, and metadata from public, user-generated sources, so it ingests untrusted third‑party content that could convey indirect prompt injections.