summarize-youtube

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and transcribes audio from arbitrary YouTube URLs (user-provided public videos) using yt-dlp in scripts/summarize_youtube.sh and SKILL.md, and then feeds that untrusted, user-generated content into an LLM summarization workflow, so external content can directly influence agent outputs and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill directly fetches and transcribes the provided YouTube video URLs (e.g., https://www.youtube.com/watch?v=... and https://youtu.be/...) at runtime via yt-dlp/whisper.cpp and injects that transcript into the LLM summarizer, meaning remote content can directly control model prompts/outputs.