youtube-summarizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests transcripts from public YouTube videos (via the MCP server at /root/clawd/mcp-server-youtube-transcript using getSubtitles as shown in the SKILL.md "Fetch Transcript" step), then reads and summarizes that user-generated content and uses it to drive outputs and delivery (save/send), so untrusted third-party content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires cloning and running code from https://github.com/kimtaeyoon83/mcp-server-youtube-transcript (git clone ... && npm install && npm run build) and then executes that repo's JS via node at runtime to fetch transcripts, meaning remote code is fetched and executed as a required dependency.