youtube-apify-transcript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md and scripts/fetch_transcript.py) explicitly calls an APIFY actor (pintostudio~youtube-transcript-scraper) to fetch publicly hosted YouTube transcripts (user-generated/untrusted content) and returns/consumes that transcript text as part of its normal processing, which could contain instructions that influence downstream decisions or actions.