video-clip-extractor

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). The ffmpeg.org link is an official, low-risk vendor site, but the GitHub repo (https://github.com/linzzzzzz/openclip.git) is from an unknown/single-user account and instructs cloning and executing repository code—an action that can deliver malicious scripts if the repo is untrusted—so the combined source is moderately high risk unless the repo is audited and verified.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly downloads videos and platform subtitles from public sites (Bilibili/YouTube) as part of its required "Download" step and then transcribes and feeds those transcripts to an LLM for analysis and clip selection, so untrusted user-generated content can directly influence model decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The setup step instructs cloning and running code from https://github.com/linzzzzzz/openclip.git (git clone ... && uv run python video_orchestrator.py), which fetches remote code that is executed at runtime and can contain prompt files used by the orchestrator, so it directly controls executed behavior and prompts.