laniameda-youtube-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public, user-generated content (YouTube/TikTok/Instagram/X videos and arbitrary web pages) via Supadata endpoints (/youtube/transcript, /extract, /web/scrape) as described in SKILL.md Step 2 and references/supadata.md, and the agent is required to read and act on that extracted content (extract prompts, workflows, verdicts, and potentially update KB/skills), creating a clear path for indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill calls the Supadata API (e.g. https://api.supadata.ai/v1 via endpoints like /youtube/transcript and /extract) at runtime to fetch transcripts/extracted on‑screen prompts and also fetches linked prompt files from video descriptions, and those fetched prompt texts are then injected into the agent's processing (directly influencing prompts/instructions) — this external service is required for the skill to function.