video-transcribe
Warn
Audited by Snyk on Jul 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Yes—when the required workflow uses a user-supplied URL,
scripts/transcribe.pydownloads outsider-authored media viayt-dlp, transcribes it withfaster-whisper, and then prints the resulting transcript text (print(data["text"])) which becomes readable LLM context (free-form text originating from the external video).
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata