yt-dlp-downloader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and download content from user-provided public video URLs (e.g., YouTube, Bilibili, Twitter) — see the "Workflow" step that executes yt-dlp via Shell with network permissions and uses remote outputs (e.g., -F format listings and error responses) to decide follow-up actions — so untrusted third‑party content can influence subsequent tool use.