postey

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI explicitly downloads and transcribes arbitrary public video URLs (e.g., video transcribe in scripts/postey.js uses yt-dlp to fetch YouTube/https URLs and returns a transcript/suggested_captions which prompts.md then instructs the agent to consume and use to generate captions and create posts), meaning untrusted, user-generated web content is ingested and directly influences subsequent tool actions.