youtube-processor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill fetches and ingests transcripts from arbitrary public YouTube videos (via tools/get_transcript.py and the FastAPI/WebFetch endpoint api/main.py using youtube-transcript-api), and the agent (Claude) is explicitly expected to read and summarize that untrusted, user-generated content.