clip-hand-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required pipeline explicitly downloads and ingests public web videos and subtitles (e.g., SKILL.md / HAND.toml Phase 1–2 using yt-dlp on YouTube/Vimeo/Twitter and Path A parsing YouTube json3 auto-subs) and calls external STT APIs (Groq/OpenAI/Deepgram) whose transcripts the agent must read and use to pick and time clips, so untrusted user-generated content can materially influence decisions and tool use.