search-youtube
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and processes public, user-generated content (YouTube/Vimeo/Twitter/etc.) via yt-dlp — see SKILL.md Research Mode (Round 3: "Download transcripts" / "Read each transcript and synthesize findings") and scripts/yt_research.py (cmd_search, cmd_transcript, cmd_metadata) — and then reads and synthesizes that content into reports, so untrusted third‑party material can directly influence decision-making and actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill invokes yt-dlp at runtime to fetch user-supplied video URLs (e.g., https://www.youtube.com/watch?v=example1) and downloads/transcribes remote subtitle content, which is then injected into the agent's context for summarization, so remote content can directly control the model's input.
Audit Metadata