youtube-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and returns public, user-generated YouTube content (titles, descriptions, search results, and comments) via the YouTube Data API — see SKILL.md commands like "search" and "comments" and the python functions cmd_search/cmd_comments/cmd_video — which the agent reads and could use to drive follow-up actions (e.g., replies, uploads, playlist changes), so untrusted third-party content could carry indirect prompt injection.