yt-dlp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The SKILL.md explicitly directs fetching and processing content from public third‑party sites (e.g., YouTube, Twitter/X, Instagram, TikTok) and includes required workflow steps such as "yt-dlp -F 'URL'", "--dump-json", "--write-description", and subtitle/comment extraction that the agent is expected to read/interpret (format lists, JSON metadata, subtitles/comments) and then choose download formats or follow-up actions, so untrusted user-generated content can materially influence tool use and decisions.