bilibili-render-pdf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public Bilibili content (see "Use when the user provides a Bilibili URL" and the "Source Acquisition" / "Subtitle Acquisition" steps that download metadata, cover image, CC subtitles or Whisper transcripts, and video frames) and then directly reads and uses that untrusted, user-generated content to drive frame selection and generate the notes/PDF, which could allow indirect prompt injection.