youtube-search-api-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly starts a BrowserAct workflow to fetch and parse public YouTube search results (see SKILL.md "extract structured fields directly from the YouTube search results list" and scripts/youtube_search_api.py which returns titles/descriptions/urls), so the agent ingests untrusted, user-generated third‑party content and is expected to read/interpret it as part of its workflow.