yt-dlp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using yt-dlp to download and process content from arbitrary public websites (see README.md "Basic Commands" with "yt-dlp URL" and wiki/Extractors.md) including subtitles and metadata, so the agent would fetch and read untrusted, user-generated third-party content.