youtube-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public, user-generated YouTube content (metadata, description, chapters in Step 1; transcripts in Step 2 and fallback Whisper; and optional comments in Step 10) and has the agent and subagents read and process those third-party files, exposing it to potential indirect prompt injection from arbitrary YouTube pages/comments.