persona-pack

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires deriving personas from benchmark artifacts and "strong benchmark handles and URLs" (SKILL.md) and includes a runtime script download_videos_from_manifest_with_ytdlp.mjs that fetches videos from item.sourceUrl (public URLs via yt_dlp), so it ingests untrusted, user-generated third-party content that can influence persona decisions.