youtube-topic-researcher

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). It asks the agent to check memory or prompt the user for their YouTube API key and then directs replacing the API_KEY placeholder with that actual key in shell commands (YT_API_KEY=API_KEY ...), which requires the LLM to handle and potentially output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly runs a Python script that calls the YouTube Data API v3 to fetch public, user-generated video metadata (titles, descriptions, tags, comments/counts via videos.list and channels.list) and then reads the generated topic_research_data.json (Steps 3, 7, 8) to drive analysis and recommendations, so untrusted third‑party content from YouTube can materially influence the agent's decisions.