bilibili-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests untrusted, user-generated content from Bilibili (e.g., subtitles, comments, dynamics, related videos) as shown in SKILL.md's "Video Content Analysis" workflow and command docs (e.g., "bili video --subtitle", "--comments", "bili feed", "my-dynamics"), and agents are instructed to read and act on that content for summarization and follow-up actions, creating clear scope for indirect prompt injection.