boring-youtube-mining
Warn
Audited by Snyk on Mar 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes public YouTube content (Step 2 "Fetch Recent Videos" runs yt-dlp against "https://www.youtube.com/@{handle}/videos", and Step 3 "Download Transcripts" pulls from "https://www.youtube.com/watch?v={video_id}"). The resulting transcripts are untrusted, user-generated text that the agent must interpret to generate ideas and drive subsequent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill runs yt-dlp at runtime to fetch YouTube transcripts from URLs such as https://www.youtube.com/watch?v={video_id} (and channel pages such as https://www.youtube.com/@{handle}/videos) and injects the fetched transcript text into the model's context to drive idea generation. External content therefore directly controls the prompts.
Audit Metadata