watch-video
Warn
Audited by Snyk on Mar 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public, user-generated video content and metadata (YouTube/Loom URLs, thumbnails, auto-descriptions, transcripts) as part of its required workflow: see SKILL.md Steps 1–4, platforms.md, and scripts/loom_meta.py and analyze_video.py, which use yt-dlp, oembed, GraphQL, and downloaded thumbnails to feed Gemini. Arbitrary third-party content can therefore be read and can directly influence analysis and resulting actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).