video-batch-runner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill accepts and handles arbitrary HTTP(S) media URLs (see examples in references/tool-contracts.md and resolveProviderMediaInput in scripts/_shared.mjs) and includes a concrete runtime downloader that fetches public web videos via yt_dlp (_postplus_shared/.../download_videos_from_manifest_with_ytdlp.mjs), so untrusted third‑party content is fetched and can be used as reference media that materially influences render prompts and downstream actions.