youtube-content

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public YouTube transcripts and metadata (see SKILL.md "Run fetch script" and scripts/fetch_youtube.py which uses youtube-transcript-api and yt-dlp) and the workflow and analysis modes require the agent to read and act on that untrusted, user-generated content (SKILL.md and references/analysis-modes.md), so third-party transcript text could indirectly inject instructions that influence subsequent analysis and tool use.