youtube-music

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documented MCP tools (searchTrack and playTrack) explicitly fetch and open content from YouTube Music / the YouTube Data API (public user-generated videos and metadata) as described in SKILL.md and README, so the agent reads and acts on untrusted third‑party content from the open web.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's MCP configuration runs npx to fetch and execute the remote package @instructa/mcp-youtube-music (referenced at https://github.com/instructa/mcp-youtube-music), which is fetched at runtime and will execute remote code required for the skill.