video-production

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). This is a Google Drive folder link — while on a legitimate domain, personal file-hosting links can contain arbitrary files (including executables) and are commonly used to distribute malware from untrusted or unknown owners, so it should be treated as potentially risky unless you can verify the folder owner and contents.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly downloads and ingests user-provided content from Google Drive (see scripts/gdrive_video_download.py and references/workflow.md) and then parses filenames/titles and metadata (create_title_slides.py, stitch_videos.py, generate_youtube_description.py) which are interpreted to generate slides, timestamps, and descriptions that directly influence processing and outputs, so untrusted third‑party content can affect tool behavior.