video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public user-generated media and subtitles from third-party sites (see "Trigger" list and Step 1a/1b/1c/1d where it uses yt-dlp/curl to download subtitles/audio from YouTube, Bilibili, X/Twitter, Xiaoyuzhou, Apple Podcasts and direct URLs) and then transcribes and summarizes that content, so untrusted third-party content can directly influence its outputs and derived action items.