bilibili-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md workflow (see "How It Will Work" and "Planned Features") explicitly says the extension inspects the Bilibili web player in the active browser tab to detect streams and can export danmaku (user comments), meaning it ingests open/public, user-generated page content from Bilibili that can influence which streams/resolutions are selected and downloads initiated.