youtube-transcript-summarizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches user-generated/public YouTube transcripts (via get_transcript using youtube-transcript-api) and video titles (via fetch_video_title using yt-dlp) and then reads and submits that transcript text into the summarization workflow (summarize_with_claude), exposing the agent to untrusted third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill fetches YouTube transcripts at runtime from URLs like https://www.youtube.com/watch?v=VIDEO_ID (via youtube_transcript_api) and directly injects that fetched transcript into the Claude prompt, so externally hosted content can influence/override model instructions.