video-transcript
Warn
Audited by Snyk on May 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's scripts (scripts/transcript.py and scripts/platform_extractor.py) explicitly fetch and scrape public, user-generated video pages and direct media URLs from Bilibili (B站), Douyin (抖音), Xiaohongshu (小红书) and YouTube, using yt-dlp and a headless Playwright browser. They then send the audio to an LLM-based transcription API and print the resulting transcript to stdout for the agent to use. Untrusted third-party content is therefore ingested and interpreted directly as part of the workflow, and it could contain instructions that materially influence subsequent agent behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).