mk-youtube-get-info

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches JSON, descriptions, and subtitles from arbitrary public YouTube URLs using yt-dlp (see SKILL.md "How it Works" and scripts/info.sh which calls yt-dlp -j and fetches subtitles) and then reads/parses that user-generated content to generate summaries and decide downstream actions, so untrusted third‑party content could influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill auto-downloads and runs required binaries at runtime from GitHub release URLs (e.g. https://github.com/yt-dlp/yt-dlp/releases/latest/download and https://github.com/jqlang/jq/releases/download/jq-1.7.1), meaning remote executables are fetched and executed as required dependencies.