bilibili-render-pdf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly downloads and ingests content from public Bilibili URLs (see "Source Acquisition", "Subtitle Acquisition", and "Video and Cover Download" in SKILL.md) — including CC subtitles, Whisper transcripts, video frames, and the cover image — and requires the agent to read and interpret that untrusted, user-generated content to drive figure selection, segmentation, and the generated LaTeX/PDF output, so third-party content can materially influence agent behavior.