youtube-summarizer

Fail

Audited by Snyk on Feb 14, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). The YouTube links themselves are low-risk content URLs, but the skill explicitly instructs cloning and running code from an unvetted GitHub repository (kimtaeyoon83/mcp-server-youtube-transcript), and executing npm/build/node commands on code from an unknown account is a potential malware/compromise vector.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill fetches transcripts from arbitrary public YouTube URLs (youtube.com/watch, youtu.be, /shorts) via the MCP YouTube Transcript server at /root/clawd/mcp-server-youtube-transcript and directly reads result.lines / the full transcript to generate summaries, which exposes the agent to untrusted, user-generated third-party content.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 14, 2026, 02:12 PM