youtube-summarizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests untrusted, user-generated transcripts from YouTube (via youtube-transcript-api in Mode A or by WebFetch of https://www.youtube.com/watch?v=VIDEO_ID and caption URLs in Mode B as described in SKILL.md Step 3) and then instructs the agent to "Read" the transcript file and use it as input to the summarization prompt (Step 4), which allows third-party content to influence model behavior and could enable indirect prompt injection.