mk-youtube-get-caption

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly downloads and ingests public, user-generated YouTube subtitles (via yt-dlp called in scripts/caption.sh and described in SKILL.md/README), then expects the agent to read/summary those transcript files (text_file_path) as part of its workflow, so untrusted third‑party content can materially influence subsequent tool use/actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime ensure scripts (_utility__ensure_ytdlp.sh and _utility__ensure_jq.sh) auto-download required binaries and invoke them (executing remote code) from GitHub release URLs such as https://github.com/yt-dlp/yt-dlp/releases/latest/download (yt-dlp) and https://github.com/jqlang/jq/releases/download/jq-1.7.1 (jq), which are fetched at runtime and are required dependencies.