video-lens

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests untrusted, user-generated YouTube content — see scripts/fetch_transcript.py (HTTP GET to https://www.youtube.com/watch?v=VIDEO_ID and youtube_transcript_api) and scripts/fetch_metadata.py (yt-dlp dumping description/chapters) and SKILL.md Steps 2/2b/3 which require reading the transcript and description and using them to generate the summary, key points, tags, and outline — so third‑party content is read and directly influences the agent's outputs and behavior, creating a clear indirect prompt‑injection surface.