youtube-outliers

Warn

Audited by Snyk on Mar 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill scrapes and ingests user-generated YouTube content (yt-dlp searches and channel scraping in scripts/scrape_youtube_outliers.py and scripts/update_transcripts.py) and fetches transcripts via the Apify actor "karamelo/youtube-transcripts". It then reads and summarizes those transcripts (using Anthropic) and uses video/channel metadata to calculate outlier scores and drive selections, so untrusted third-party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill calls the Apify actor "karamelo/youtube-transcripts" at runtime (via apify_client.actor("karamelo/youtube-transcripts").call(...)) to fetch transcript text, which is then injected directly into the Anthropic prompt, creating a prompt-injection risk from remote content.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 6, 2026, 02:19 PM