youtube-transcript

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). These links include a direct installer shell script (install.sh) on a third‑party domain (astral.sh) — running a remote .sh via curl|sh from an unverified source can execute arbitrary code and is therefore high risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill downloads and ingests transcripts/subtitles and (optionally) audio from arbitrary YouTube URLs using yt-dlp (e.g., the --write-sub / --write-auto-sub and audio download steps) and then converts/transcribes them, meaning it consumes untrusted, user-generated third-party content from YouTube.