youtube-clipper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill downloads arbitrary public YouTube videos and subtitles via scripts/download_video.py (user‑supplied URLs) and then exposes the full subtitle text and translation batches to the agent for AI analysis (scripts/analyze_subtitles.py, scripts/translate_subtitles.py, scripts/generate_summary.py), so the agent is explicitly expected to read and interpret untrusted, user-generated third‑party content.