vtake-cut

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). Outsider free text can enter the LLM context via transcript.json produced at runtime from the input video’s speech (ASR output is not authored by the operating user), and Step 6/8 explicitly instructs the agent to read that transcript to draft storyboard and write card HTML in-chat.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill invokes npx at runtime to auto-download and execute remote npm packages (e.g., "npx -y @notedit/vtake@latest" and "npx hyperframes render") which fetch code from the npm registry (e.g. https://registry.npmjs.org/) and are required runtime dependencies that execute remote code.