good-TTvideo2text

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and processes user-provided Douyin/TikTok video URLs (see "Paste video URL" in Web UI, the transcribe.py usage, and the supported URL formats), which are public user-generated third-party content that the agent reads and transcribes—exposing it to untrusted input that could carry indirect prompt injection.