summarize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the tool to fetch and summarize/transcribe arbitrary public URLs and YouTube videos (e.g., examples like summarize "https://example.com" and "https://youtu.be/…" and flags such as --firecrawl / APIFY), so untrusted third‑party content is ingested and used to drive agent outputs and decisions, enabling potential indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches arbitrary external URLs at runtime (e.g., "https://example.com" and "https://youtu.be/dQw4w9WgXcQ") and injects that fetched content into the model context to summarize/transcribe, so externally-hosted content can directly control prompts.