skillshare-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests and parses public Skillshare class pages and playback streams as part of its workflow (see "How It Will Work" steps 2–6 and "Expected Formats"), meaning it reads untrusted, user-generated third-party content from the open web and uses that content to decide which lessons to download and how to name files, which could allow indirect prompt-injection of instructions into the agent's processing.