yt-dlp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly takes user-provided public URLs and runs yt-dlp against them (see SKILL.md workflow steps 1 and 7 and the COMMANDS.md/TROUBLESHOOTING.md examples for YouTube, Bilibili, Twitter/X, TikTok, etc.), so it fetches and ingests untrusted, user-generated third‑party content that can change available formats/metadata and thus materially influence command selection and next actions.