video-processor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads content from arbitrary public sites using yt-dlp (see SKILL.md and scripts/video_processor.py download command referencing YouTube, Vimeo, Twitter, and arbitrary URLs) and then transcribes/inspects that downloaded audio with Whisper (transcribe command and preview logic), so untrusted user-generated third‑party content is fetched and interpreted as part of the workflow and could influence subsequent actions.