universal-video-clipper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly downloads arbitrary YouTube videos via yt-dlp (see download_video in ai_clip_generator.py / SKILL.md) and writes their transcripts into analysis_request.md using prompt_templates/clip_analysis_prompt.md, which the agent/AI is required to analyze to produce clip_recommendations.json that directly drive ffmpeg clipping—so untrusted, user-generated content from public YouTube can materially influence tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill downloads YouTube URLs at runtime (e.g., https://www.youtube.com/watch?v=VIDEO_ID or youtu.be/...) via yt-dlp, transcribes that fetched video, and injects the transcript into analysis_request.md which is then used as the AI analysis prompt—so remote content directly controls the prompt and is required for the skill to run.